CVE-2018-11759 Apache Tomcat JK (mod_jk) Connector path traversal
Bug #1835405 reported by
Conrad Kostecki
This bug affects 4 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| libapache-mod-jk (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Ubuntu 18.04 is affected, since it shipps a vurnable version.
You can bypass the authentication with a simicolon.
Could be get an update from 18.10 and newer, which already got 1.2.46, which fixes this?
CVE References
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in libapache-mod-jk (Ubuntu): | |
| status: | New → Confirmed |
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.