Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-hkjk-hbt1-q7cd

Summary mod_jk: information Disclosure / DoS

Aliases

alias	CVE-2024-46544

Fixed_packages

url	pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2
purl	pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%252Bdeb12u2

url	pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libapache-mod-jk@1:1.2.50-1?distro=trixie
purl	pkg:deb/debian/libapache-mod-jk@1:1.2.50-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.50-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-9p71-wr2h-4qdp

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-k4yh-s3ds-m7er

vulnerability	VCID-neum-zker-wbe2

vulnerability	VCID-y2ux-nm69-uuam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1

url pkg:deb/debian/libapache-mod-jk@1:1.2.18-3

purl pkg:deb/debian/libapache-mod-jk@1:1.2.18-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-9p71-wr2h-4qdp

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-k4yh-s3ds-m7er

vulnerability	VCID-neum-zker-wbe2

vulnerability	VCID-y2ux-nm69-uuam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.18-3

url pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2

purl pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-9p71-wr2h-4qdp

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-k4yh-s3ds-m7er

vulnerability	VCID-neum-zker-wbe2

vulnerability	VCID-y2ux-nm69-uuam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2

url pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%2Blenny1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%2Blenny1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-k4yh-s3ds-m7er

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%252Blenny1

url pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze1

url pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze2

purl pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.30-1squeeze2

url pkg:deb/debian/libapache-mod-jk@1:1.2.37-1%2Bdeb7u1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.37-1%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.37-1%252Bdeb7u1

url pkg:deb/debian/libapache-mod-jk@1:1.2.37-4

purl pkg:deb/debian/libapache-mod-jk@1:1.2.37-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.37-4

url pkg:deb/debian/libapache-mod-jk@1:1.2.37-4%2Bdeb8u1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.37-4%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2t-jyg7-gbev

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.37-4%252Bdeb8u1

url pkg:deb/debian/libapache-mod-jk@1:1.2.46-0%2Bdeb9u1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.46-0%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-43bm-gb6c-9ugb

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.46-0%252Bdeb9u1

url pkg:deb/debian/libapache-mod-jk@1:1.2.46-1%2Bdeb10u1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.46-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

vulnerability	VCID-neum-zker-wbe2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.46-1%252Bdeb10u1

url pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1

purl pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%252Bdeb11u1

url pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1?arch=el7jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1?arch=el7jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1%3Farch=el7jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-3.redhat_1%3Farch=el8jbcs

url pkg:rpm/redhat/mod_jk@1.2.50-1.el9_0?arch=1

purl pkg:rpm/redhat/mod_jk@1.2.50-1.el9_0?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_jk@1.2.50-1.el9_0%3Farch=1

url pkg:rpm/redhat/mod_jk@1.2.50-1.el9_2?arch=1

purl pkg:rpm/redhat/mod_jk@1.2.50-1.el9_2?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_jk@1.2.50-1.el9_2%3Farch=1

url pkg:rpm/redhat/mod_jk@1.2.50-1.el9_4?arch=1

purl pkg:rpm/redhat/mod_jk@1.2.50-1.el9_4?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hkjk-hbt1-q7cd

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_jk@1.2.50-1.el9_4%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46544.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46544.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-46544

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11637
published_at	2026-04-18T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11839
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.118
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11774
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.1186
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11904
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11691
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11776
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11829
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-46544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46544

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082713
reference_id	1082713
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082713

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2314194
reference_id	2314194
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2314194

reference_url

https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d

reference_id

q1gp7cc38hs1r8gj8gfnopwznd5fpr4d

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T17:36:05Z/

url

https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d

reference_url	https://access.redhat.com/errata/RHSA-2024:6927
reference_id	RHSA-2024:6927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6927

reference_url	https://access.redhat.com/errata/RHSA-2024:6928
reference_id	RHSA-2024:6928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6928

reference_url	https://access.redhat.com/errata/RHSA-2024:7457
reference_id	RHSA-2024:7457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7457

reference_url	https://access.redhat.com/errata/RHSA-2024:8928
reference_id	RHSA-2024:8928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8928

reference_url	https://access.redhat.com/errata/RHSA-2024:8929
reference_id	RHSA-2024:8929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8929

Weaknesses

cwe_id	276
name	Incorrect Default Permissions
description	During installation, installed file permissions are set to allow anyone to modify those files.

Exploits

Severity_range_score 5.9 - 6.1

Exploitability 0.5

Weighted_severity 5.3

Risk_score 2.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkjk-hbt1-q7cd

Vulnerability Instance