{"id":"MGASA-2015-0254","summary":"Updated apache-mod_jk package fixes security vulnerability","details":"An information disclosure flaw due to incorrect JkMount/JkUnmount\ndirectives processing was found in the Apache 2 module mod_jk to forward\nrequests from the Apache web server to Tomcat. A JkUnmount rule for a\nsubtree of a previous JkMount rule could be ignored. This could allow a\nremote attacker to potentially access a private artifact in a tree that\nwould otherwise not be accessible to them (CVE-2014-8111).\n","modified":"2026-04-16T06:24:09.536727322Z","published":"2015-07-01T13:23:59Z","upstream":["CVE-2014-8111"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0254.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=16078"},{"type":"WEB","url":"https://www.debian.org/security/2015/dsa-3278"}],"affected":[{"package":{"name":"apache-mod_jk","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/apache-mod_jk?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.37-6.2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0254.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}