{"id":"ALSA-2024:2387","summary":"Moderate: mod_jk and mod_proxy_cluster security update","details":"The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine.\n\nThe mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality.\n\nSecurity Fix(es):\n\n* httpd: Apache Tomcat Connectors (mod_jk) Information Disclosure (CVE-2023-41081)\n* mod_cluster/mod_proxy_cluster: Stored Cross site Scripting (CVE-2023-6710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T02:45:18.888214Z","published":"2024-04-30T00:00:00Z","related":["CVE-2023-41081","CVE-2023-6710"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:2387"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-41081"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-6710"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238847"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2254128"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2024-2387.html"}],"affected":[{"package":{"name":"mod_jk","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/mod_jk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.49-1.el9_4"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2387.json"}},{"package":{"name":"mod_proxy_cluster","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/mod_proxy_cluster"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.20-1.el9_4"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2387.json"}}],"schema_version":"1.7.3"}