Skip to main content

Tomcat Connectors

3 CVEs product

Monthly

CVE-2024-46544 MEDIUM This Month

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Tomcat Apache Information Disclosure Denial Of Service +3
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-41081 HIGH This Week

Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Apache Authentication Bypass Tomcat Connectors
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2014-8111 MEDIUM This Month

Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tomcat Information Disclosure Apache Tomcat Connectors
NVD
CVSS 2.0
5.0
EPSS
3.7%
EPSS 0% CVSS 5.9
MEDIUM This Month

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Tomcat Apache +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Apache Authentication Bypass +1
NVD
EPSS 4% CVSS 5.0
MEDIUM This Month

Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tomcat Information Disclosure Apache +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy