USN-6826-1
- Source
- https://ubuntu.com/security/notices/USN-6826-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6826-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-6826-1
- Related
- Published
- 2024-06-11T12:37:39.605046Z
- Modified
- 2024-06-11T12:37:39.605046Z
- Summary
- libapache-mod-jk vulnerability
- Details
-
Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests, an attacker could possibly use this vulnerability to bypass security constraints configured in httpd.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / libapache-mod-jk
Package
- Name
- libapache-mod-jk
- Purl
- pkg:deb/ubuntu/libapache-mod-jk?arch=src?distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:1.2.41-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1:1.2.41-1ubuntu0.1~esm1",
"binary_name": "libapache-mod-jk-doc"
},
{
"binary_version": "1:1.2.41-1ubuntu0.1~esm1",
"binary_name": "libapache2-mod-jk"
},
{
"binary_version": "1:1.2.41-1ubuntu0.1~esm1",
"binary_name": "libapache2-mod-jk-dbgsym"
}
]
}
Ubuntu:Pro:18.04:LTS / libapache-mod-jk
Package
- Name
- libapache-mod-jk
- Purl
- pkg:deb/ubuntu/libapache-mod-jk?arch=src?distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:1.2.43-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1:1.2.43-1ubuntu0.1~esm1",
"binary_name": "libapache-mod-jk-doc"
},
{
"binary_version": "1:1.2.43-1ubuntu0.1~esm1",
"binary_name": "libapache2-mod-jk"
},
{
"binary_version": "1:1.2.43-1ubuntu0.1~esm1",
"binary_name": "libapache2-mod-jk-dbgsym"
}
]
}
Ubuntu:20.04:LTS / libapache-mod-jk
Package
- Name
- libapache-mod-jk
- Purl
- pkg:deb/ubuntu/libapache-mod-jk?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:1.2.46-1ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1:1.2.46-1ubuntu0.1",
"binary_name": "libapache-mod-jk-doc"
},
{
"binary_version": "1:1.2.46-1ubuntu0.1",
"binary_name": "libapache2-mod-jk"
},
{
"binary_version": "1:1.2.46-1ubuntu0.1",
"binary_name": "libapache2-mod-jk-dbgsym"
}
]
}
Ubuntu:22.04:LTS / libapache-mod-jk
Package
- Name
- libapache-mod-jk
- Purl
- pkg:deb/ubuntu/libapache-mod-jk?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:1.2.48-1ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1:1.2.48-1ubuntu0.1",
"binary_name": "libapache-mod-jk-doc"
},
{
"binary_version": "1:1.2.48-1ubuntu0.1",
"binary_name": "libapache2-mod-jk"
},
{
"binary_version": "1:1.2.48-1ubuntu0.1",
"binary_name": "libapache2-mod-jk-dbgsym"
}
]
}
Ubuntu:23.10 / libapache-mod-jk
Package
- Name
- libapache-mod-jk
- Purl
- pkg:deb/ubuntu/libapache-mod-jk?arch=src?distro=mantic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:1.2.48-2ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1:1.2.48-2ubuntu0.1",
"binary_name": "libapache-mod-jk-doc"
},
{
"binary_version": "1:1.2.48-2ubuntu0.1",
"binary_name": "libapache2-mod-jk"
},
{
"binary_version": "1:1.2.48-2ubuntu0.1",
"binary_name": "libapache2-mod-jk-dbgsym"
}
]
}