Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tomcat/tomcat@11.0.19

Type maven

Namespace org.apache.tomcat

Name tomcat

Version 11.0.19

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 11.0.21

Latest_non_vulnerable_version 11.0.21

Affected_by_vulnerabilities

url VCID-maw6-4qs5-ykae

vulnerability_id VCID-maw6-4qs5-ykae

summary

Improper Input Validation vulnerability.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112.

The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.0 through 8.5.100. Older EOL versions are not affected.
Tomcat did not validate that the host name provided via the SNI 
extension was the same as the host name provided in the HTTP host header 
field. If Tomcat was configured with more than one virtual host and the 
TLS configuration for one of those hosts did not require client 
certificate authentication but another one did, it was possible for a 
client to bypass the client certificate authentication by sending 
different host names in the SNI extension and the HTTP host header field.



The vulnerability only applies if client certificate authentication is 
only enforced at the Connector. It does not apply if client certificate 
authentication is enforced at the web application.


Users are recommended to upgrade to version 11.0.15 or later, 10.1.50 or later or 9.0.113 or later, which fix the issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-66614

reference_id

reference_type

scores

value	0.00043
scoring_system	epss
scoring_elements	0.13221
published_at	2026-04-21T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13128
published_at	2026-04-18T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13222
published_at	2026-04-13T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.1327
published_at	2026-04-12T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13349
published_at	2026-04-02T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13413
published_at	2026-04-04T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13309
published_at	2026-04-11T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13341
published_at	2026-04-09T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.1329
published_at	2026-04-08T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13209
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-66614

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36

reference_url

https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30

reference_url

https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2

reference_url	https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02

reference_url

https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4

reference_url

https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940

reference_url	https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53

reference_url

https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e

reference_url

https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509

reference_url

https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-21T21:17:26Z/

url

https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-66614

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-66614

reference_url

https://tomcat.apache.org/security-10.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html

reference_url

https://tomcat.apache.org/security-11.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html

reference_url

https://tomcat.apache.org/security-9.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2440430
reference_id	2440430
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2440430

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614

reference_id

CVE-2025-66614

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614

reference_url

https://github.com/advisories/GHSA-fpj8-gq4v-p354

reference_id

GHSA-fpj8-gq4v-p354

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fpj8-gq4v-p354

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2025-66614, GHSA-fpj8-gq4v-p354

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-maw6-4qs5-ykae

url VCID-rsxs-u5cc-rkgj

vulnerability_id VCID-rsxs-u5cc-rkgj

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32990.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32990.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32990

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12443
published_at	2026-04-11T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12364
published_at	2026-04-13T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12404
published_at	2026-04-12T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40399
published_at	2026-04-16T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40293
published_at	2026-04-21T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40368
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32990

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36

reference_url

https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02

reference_url

https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53

reference_url

https://lists.apache.org/thread/1nl9zqft0ksqlhlkd3j4obyjz1ghoyn7

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:40Z/

url

https://lists.apache.org/thread/1nl9zqft0ksqlhlkd3j4obyjz1ghoyn7

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-32990

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-32990

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id	1133356
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id	1133357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457025
reference_id	2457025
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457025

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32990

reference_id

CVE-2026-32990

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32990

reference_url

https://www.herodevs.com/vulnerability-directory/cve-2026-32990

reference_id

CVE-2026-32990

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.herodevs.com/vulnerability-directory/cve-2026-32990

reference_url

https://github.com/advisories/GHSA-8mc5-53m5-3qj2

reference_id

GHSA-8mc5-53m5-3qj2

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8mc5-53m5-3qj2

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2026-32990, GHSA-8mc5-53m5-3qj2

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsxs-u5cc-rkgj

Fixing_vulnerabilities

Risk_score 4.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.19

Package Instance