CVE-2018-11759 Apache Tomcat JK (mod_jk) Connector path traversal
Bug #1835405 reported by
Conrad Kostecki
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libapache-mod-jk (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Ubuntu 18.04 is affected, since it shipps a vurnable version.
You can bypass the authentication with a simicolon.
Could be get an update from 18.10 and newer, which already got 1.2.46, which fixes this?
CVE References
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.