jbcs-httpd24-mod_proxy_cluster vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the jbcs-httpd24-mod_proxy_cluster package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L HTTP Response Splitting	<0:1.3.22-3.el7jbcs
H Improper Authentication	<0:1.3.22-4.el7jbcs
H Reachable Assertion	<0:1.3.22-4.el7jbcs
H Excessive Platform Resource Consumption within a Loop	<0:1.3.22-4.el7jbcs
H Improper Access Control	<0:1.3.22-4.el7jbcs
H Improper Output Neutralization for Logs	<0:1.3.22-4.el7jbcs
M Session Fixation	*
L Authentication Bypass	*
M Allocation of Resources Without Limits or Throttling	*
M Incorrect Authorization	*
L Information Exposure	<0:1.3.22-3.el7jbcs
L NULL Pointer Dereference	<0:1.3.22-3.el7jbcs
M Incorrect Default Permissions	<0:1.3.20-10.el7jbcs
M Improper Input Validation	<0:1.3.20-10.el7jbcs
M Detection of Error Condition Without Action	<0:1.3.20-4.el7jbcs
M Resource Exhaustion	<0:1.3.20-4.el7jbcs
M Improper Validation of Certificate with Host Mismatch	<0:1.3.20-4.el7jbcs
M Missing Release of Resource after Effective Lifetime	<0:1.3.20-4.el7jbcs
M Improper Certificate Validation	<0:1.3.20-4.el7jbcs
M Misinterpretation of Input	<0:1.3.20-4.el7jbcs
H Inclusion of Functionality from Untrusted Control Sphere	<0:1.3.20-8.el7jbcs
H Improper Encoding or Escaping of Output	<0:1.3.20-8.el7jbcs
H Improper Input Validation	<0:1.3.20-8.el7jbcs
H NULL Pointer Dereference	<0:1.3.20-8.el7jbcs
H Inclusion of Functionality from Untrusted Control Sphere	<0:1.3.20-8.el7jbcs
H Improper Encoding or Escaping of Output	<0:1.3.20-8.el7jbcs
H Improper Encoding or Escaping of Output	<0:1.3.20-8.el7jbcs
H Improper Encoding or Escaping of Output	<0:1.3.20-8.el7jbcs
M Detection of Error Condition Without Action	<0:1.3.20-4.el7jbcs
M Resource Exhaustion	<0:1.3.20-4.el7jbcs
M Improper Validation of Certificate with Host Mismatch	<0:1.3.20-4.el7jbcs
M Missing Release of Resource after Effective Lifetime	<0:1.3.20-4.el7jbcs
M Improper Certificate Validation	<0:1.3.20-4.el7jbcs
M Misinterpretation of Input	<0:1.3.20-4.el7jbcs
M Missing Required Cryptographic Step	<0:1.3.20-3.el7jbcs
M Missing Encryption of Sensitive Data	<0:1.3.20-3.el7jbcs
M Information Exposure	<0:1.3.20-3.el7jbcs
M Out-of-bounds Read	<0:1.3.20-3.el7jbcs
M Cross-site Scripting (XSS)	<0:1.3.20-3.el7jbcs

Vulnerability

Vulnerable Version

HTTP Response Splitting

<0:1.3.22-3.el7jbcs

Improper Authentication

<0:1.3.22-4.el7jbcs

Reachable Assertion

<0:1.3.22-4.el7jbcs

Excessive Platform Resource Consumption within a Loop

<0:1.3.22-4.el7jbcs

Improper Access Control

<0:1.3.22-4.el7jbcs