Search for packages
| purl | pkg:rpm/redhat/mod_jk@1.2.41-2.redhat_4.ep6?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-k4kb-21tp-4kc8
Aliases: CVE-2015-3183 |
An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use. | There are no reported fixed by versions. |
|
VCID-snj8-2smt-3kdv
Aliases: CVE-2016-3110 GHSA-68qq-3phh-53j7 |
mod_cluster Denial of Service vulnerability mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element. | There are no reported fixed by versions. |
|
VCID-y2dr-h2d9-xbaa
Aliases: CVE-2016-4459 |
mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:40:19.887833+00:00 | RedHat Importer | Affected by | VCID-k4kb-21tp-4kc8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json | 38.0.0 |
| 2026-04-01T14:35:33.692034+00:00 | RedHat Importer | Affected by | VCID-snj8-2smt-3kdv | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3110.json | 38.0.0 |
| 2026-04-01T14:34:14.073046+00:00 | RedHat Importer | Affected by | VCID-y2dr-h2d9-xbaa | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4459.json | 38.0.0 |