Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version10.1.53
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.1.54
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-2s6w-bbfa-afb8
vulnerability_id VCID-2s6w-bbfa-afb8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34483.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34483
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.21014
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34483
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/97566842589d0b80de138ca719378861fd017d68
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/97566842589d0b80de138ca719378861fd017d68
5
reference_url https://github.com/apache/tomcat/commit/f22dc2ce6cfda8609ed86816c0d78e1a9cbadb06
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f22dc2ce6cfda8609ed86816c0d78e1a9cbadb06
6
reference_url https://github.com/apache/tomcat/commit/f9ddc24fcfcdfaea4a6953198d8636aca3e957bc
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f9ddc24fcfcdfaea4a6953198d8636aca3e957bc
7
reference_url https://lists.apache.org/thread/j1w7304yonlr8vo1tkb5nfs7od1y228b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T20:16:32Z/
url https://lists.apache.org/thread/j1w7304yonlr8vo1tkb5nfs7od1y228b
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34483
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34483
9
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/26
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/26
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457044
reference_id 2457044
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457044
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34483
reference_id CVE-2026-34483
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34483
14
reference_url https://github.com/advisories/GHSA-rv64-5gf8-9qq8
reference_id GHSA-rv64-5gf8-9qq8
reference_type
scores
url https://github.com/advisories/GHSA-rv64-5gf8-9qq8
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
aliases CVE-2026-34483, GHSA-rv64-5gf8-9qq8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6w-bbfa-afb8
1
url VCID-nqgv-hbwa-d3en
vulnerability_id VCID-nqgv-hbwa-d3en
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34487.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34487.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34487
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22253
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34487
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/301bc6efbf72feb14dacfdfa3f50372182736150
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/301bc6efbf72feb14dacfdfa3f50372182736150
5
reference_url https://github.com/apache/tomcat/commit/5eff2a773b8b728083e5195b3183df1b9e12a03d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5eff2a773b8b728083e5195b3183df1b9e12a03d
6
reference_url https://github.com/apache/tomcat/commit/f593292a082e5ef9336a8db2b4b522f7f3e36976
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f593292a082e5ef9336a8db2b4b522f7f3e36976
7
reference_url https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:47:28Z/
url https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34487
9
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/28
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/28
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457038
reference_id 2457038
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457038
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34487
reference_id CVE-2026-34487
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34487
14
reference_url https://github.com/advisories/GHSA-x4m4-345f-5h5g
reference_id GHSA-x4m4-345f-5h5g
reference_type
scores
url https://github.com/advisories/GHSA-x4m4-345f-5h5g
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
aliases CVE-2026-34487, GHSA-x4m4-345f-5h5g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqgv-hbwa-d3en
2
url VCID-z8df-aq4y-ubet
vulnerability_id VCID-z8df-aq4y-ubet
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34500.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34500.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34500
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35191
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34500
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/29b56a56ce9e7d044b6162a99af0f38529b3a208
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/29b56a56ce9e7d044b6162a99af0f38529b3a208
5
reference_url https://github.com/apache/tomcat/commit/c13e60e732ea6d07087293a41ad1866c20848271
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c13e60e732ea6d07087293a41ad1866c20848271
6
reference_url https://github.com/apache/tomcat/commit/ff589ab26e8250a2ca4286d986305318c033ff9f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ff589ab26e8250a2ca4286d986305318c033ff9f
7
reference_url https://lists.apache.org/thread/7rcl4zdxryc8hy3htyfyxkbqpxjtfdl2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:21:50Z/
url https://lists.apache.org/thread/7rcl4zdxryc8hy3htyfyxkbqpxjtfdl2
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34500
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34500
9
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.54
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.54
10
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.21
11
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.117
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.117
12
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/29
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/29
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457043
reference_id 2457043
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457043
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34500
reference_id CVE-2026-34500
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34500
17
reference_url https://github.com/advisories/GHSA-24j9-x2wg-9qv6
reference_id GHSA-24j9-x2wg-9qv6
reference_type
scores
url https://github.com/advisories/GHSA-24j9-x2wg-9qv6
18
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
19
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.54
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.21
aliases CVE-2026-34500, GHSA-24j9-x2wg-9qv6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8df-aq4y-ubet
Fixing_vulnerabilities
0
url VCID-1qsf-yxnk-fqhy
vulnerability_id VCID-1qsf-yxnk-fqhy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
reference_id
reference_type
scores
0
value 0.12919
scoring_system epss
scoring_elements 0.94198
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
5
reference_url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
6
reference_url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
7
reference_url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
8
reference_url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
9
reference_url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
10
reference_url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:17:02Z/
url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
12
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
13
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
14
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
15
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
16
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/24
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
reference_id 2457020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
reference_id CVE-2026-29146
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
21
reference_url https://github.com/advisories/GHSA-h468-7pvh-8vr8
reference_id GHSA-h468-7pvh-8vr8
reference_type
scores
url https://github.com/advisories/GHSA-h468-7pvh-8vr8
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nqgv-hbwa-d3en
1
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-29146, GHSA-h468-7pvh-8vr8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qsf-yxnk-fqhy
1
url VCID-8qk1-ufax-eugz
vulnerability_id VCID-8qk1-ufax-eugz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29145
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.08602
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29145
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b
5
reference_url https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b
6
reference_url https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90
7
reference_url https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:10:50Z/
url https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29145
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29145
9
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
10
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
11
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
12
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/23
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/23
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457037
reference_id 2457037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457037
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145
reference_id CVE-2026-29145
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145
17
reference_url https://github.com/advisories/GHSA-95jq-rwvf-vjx4
reference_id GHSA-95jq-rwvf-vjx4
reference_type
scores
url https://github.com/advisories/GHSA-95jq-rwvf-vjx4
18
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
19
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nqgv-hbwa-d3en
1
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-29145, GHSA-95jq-rwvf-vjx4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qk1-ufax-eugz
2
url VCID-gw94-yyjd-17er
vulnerability_id VCID-gw94-yyjd-17er
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.1023
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
5
reference_url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
6
reference_url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
7
reference_url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:21:57Z/
url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
9
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/21
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
reference_id 2457039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
reference_id CVE-2026-25854
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
14
reference_url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
reference_id GHSA-9m3c-qcxr-9x87
reference_type
scores
url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nqgv-hbwa-d3en
1
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-25854, GHSA-9m3c-qcxr-9x87
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gw94-yyjd-17er
3
url VCID-j493-xan3-myfm
vulnerability_id VCID-j493-xan3-myfm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29129.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29129.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29129
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10136
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29129
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/5cfa876d73f1ff5f4dc8309c4320f684cbeff74e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5cfa876d73f1ff5f4dc8309c4320f684cbeff74e
5
reference_url https://github.com/apache/tomcat/commit/6db238562ec36ab1106db4d04843f8b33e7a0c06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6db238562ec36ab1106db4d04843f8b33e7a0c06
6
reference_url https://github.com/apache/tomcat/commit/8d69b33764dba81dce89e3a768de6093a35620ae
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8d69b33764dba81dce89e3a768de6093a35620ae
7
reference_url https://lists.apache.org/thread/r4h1t6f8xhxsxfm6c2z5cprolsosho3f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:05:39Z/
url https://lists.apache.org/thread/r4h1t6f8xhxsxfm6c2z5cprolsosho3f
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29129
9
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
10
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
11
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
12
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/22
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457031
reference_id 2457031
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457031
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29129
reference_id CVE-2026-29129
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29129
17
reference_url https://github.com/advisories/GHSA-69cc-cv78-qc8g
reference_id GHSA-69cc-cv78-qc8g
reference_type
scores
url https://github.com/advisories/GHSA-69cc-cv78-qc8g
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nqgv-hbwa-d3en
1
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-29129, GHSA-69cc-cv78-qc8g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j493-xan3-myfm
4
url VCID-nsp7-e9m6-juhv
vulnerability_id VCID-nsp7-e9m6-juhv
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32990.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32990.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32990
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43213
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32990
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
4
reference_url https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
5
reference_url https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
6
reference_url https://lists.apache.org/thread/1nl9zqft0ksqlhlkd3j4obyjz1ghoyn7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:40Z/
url https://lists.apache.org/thread/1nl9zqft0ksqlhlkd3j4obyjz1ghoyn7
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32990
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32990
8
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
9
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
10
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
11
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-32990
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-32990
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457025
reference_id 2457025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457025
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32990
reference_id CVE-2026-32990
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32990
16
reference_url https://github.com/advisories/GHSA-8mc5-53m5-3qj2
reference_id GHSA-8mc5-53m5-3qj2
reference_type
scores
url https://github.com/advisories/GHSA-8mc5-53m5-3qj2
17
reference_url https://access.redhat.com/errata/RHSA-2026:12194
reference_id RHSA-2026:12194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12194
18
reference_url https://access.redhat.com/errata/RHSA-2026:12195
reference_id RHSA-2026:12195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12195
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nqgv-hbwa-d3en
1
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6w-bbfa-afb8
1
vulnerability VCID-nqgv-hbwa-d3en
2
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-32990, GHSA-8mc5-53m5-3qj2
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nsp7-e9m6-juhv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53