{"id":"RLSA-2024:7457","summary":"Moderate: mod_jk bug fix update","details":"The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine.\n\nBug Fix(es):\n\n* Rebase to upstream 1.2.50 release (JIRA:Rocky Linux-58855)\n\nSecurity fix(es):\n\n* mod_jk: information Disclosure / DoS (CVE-2024-46544) (JIRA:Rocky Linux-59800)","modified":"2025-10-07T17:38:18.537370Z","published":"2025-05-07T19:13:09.903227Z","upstream":["CVE-2024-46544"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2024:7457"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314194"}],"affected":[{"package":{"name":"mod_jk","ecosystem":"Rocky Linux:9","purl":"pkg:rpm/rocky-linux/mod_jk?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.50-1.el9_4.1"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2024:7457.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}