VDB

GCVE-110-MAGEIA-2015-11

GCVE-110-MAGEIA-2015-11
Advisory Published
Vulnetix · Advisory published January 7, 2015
Updated apache packages fix security vulnerability: mod_lua.c in the mod_lua module in the Apache HTTP Server through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory (CVE-2014-8109).

Affected Products

VendorProductVersionsPlatforms
Mageiaapache0 (affected), 2.4.7-5.5.mga4 (unaffected), 0 (affected), 2.4.7-5.5.mga4 (unaffected)
Mageiadrakx-net0 (affected), 2.14-1.mga4 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›