Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@7.0.21
Typeapache
Namespace
Nametomcat
Version7.0.21
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.30
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-hxj6-mupf-abbc
vulnerability_id VCID-hxj6-mupf-abbc
summary Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
reference_id
reference_type
scores
0
value 0.02015
scoring_system epss
scoring_elements 0.83692
published_at 2026-04-04T12:55:00Z
1
value 0.02015
scoring_system epss
scoring_elements 0.83764
published_at 2026-04-16T12:55:00Z
2
value 0.02015
scoring_system epss
scoring_elements 0.8373
published_at 2026-04-13T12:55:00Z
3
value 0.02015
scoring_system epss
scoring_elements 0.83735
published_at 2026-04-12T12:55:00Z
4
value 0.02015
scoring_system epss
scoring_elements 0.83741
published_at 2026-04-11T12:55:00Z
5
value 0.02015
scoring_system epss
scoring_elements 0.83725
published_at 2026-04-09T12:55:00Z
6
value 0.02015
scoring_system epss
scoring_elements 0.83718
published_at 2026-04-08T12:55:00Z
7
value 0.02015
scoring_system epss
scoring_elements 0.83665
published_at 2026-04-01T12:55:00Z
8
value 0.02015
scoring_system epss
scoring_elements 0.83678
published_at 2026-04-02T12:55:00Z
9
value 0.02015
scoring_system epss
scoring_elements 0.83695
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
4
reference_url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
6
reference_url https://svn.apache.org/viewvc?view=rev&rev=1176592
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1176592
7
reference_url https://svn.apache.org/viewvc?view=rev&rev=1185998
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1185998
8
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
9
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
10
reference_url http://www.debian.org/security/2012/dsa-2401
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2401
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=782624
reference_id 782624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=782624
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
reference_id CVE-2011-3375
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
13
reference_url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
reference_id GHSA-rp8h-vr48-4j8p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
14
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
15
reference_url https://access.redhat.com/errata/RHSA-2012:0681
reference_id RHSA-2012:0681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0681
16
reference_url https://access.redhat.com/errata/RHSA-2012:0682
reference_id RHSA-2012:0682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0682
17
reference_url https://usn.ubuntu.com/1359-1/
reference_id USN-1359-1
reference_type
scores
url https://usn.ubuntu.com/1359-1/
fixed_packages
0
url pkg:apache/tomcat@7.0.22
purl pkg:apache/tomcat@7.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.22
aliases CVE-2011-3375, GHSA-rp8h-vr48-4j8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxj6-mupf-abbc
1
url VCID-j2j9-avuw-n3eq
vulnerability_id VCID-j2j9-avuw-n3eq
summary org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3376.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3376.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3376
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53296
published_at 2026-04-16T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53175
published_at 2026-04-01T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53199
published_at 2026-04-02T12:55:00Z
3
value 0.00299
scoring_system epss
scoring_elements 0.53224
published_at 2026-04-04T12:55:00Z
4
value 0.00299
scoring_system epss
scoring_elements 0.53192
published_at 2026-04-07T12:55:00Z
5
value 0.00299
scoring_system epss
scoring_elements 0.53245
published_at 2026-04-08T12:55:00Z
6
value 0.00299
scoring_system epss
scoring_elements 0.53239
published_at 2026-04-09T12:55:00Z
7
value 0.00299
scoring_system epss
scoring_elements 0.5329
published_at 2026-04-11T12:55:00Z
8
value 0.00299
scoring_system epss
scoring_elements 0.53275
published_at 2026-04-12T12:55:00Z
9
value 0.00299
scoring_system epss
scoring_elements 0.53258
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3376
2
reference_url https://svn.apache.org/viewvc?view=rev&rev=1176588
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1176588
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=752371
reference_id 752371
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=752371
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376
reference_id CVE-2011-3376
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376
fixed_packages
0
url pkg:apache/tomcat@7.0.22
purl pkg:apache/tomcat@7.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.22
aliases CVE-2011-3376
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2j9-avuw-n3eq
Fixing_vulnerabilities
0
url VCID-quwu-ep21-cyew
vulnerability_id VCID-quwu-ep21-cyew
summary Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
references
0
reference_url http://marc.info/?l=bugtraq&m=132215163318824&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=132215163318824&w=2
1
reference_url http://marc.info/?l=bugtraq&m=133469267822771&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=133469267822771&w=2
2
reference_url http://marc.info/?l=bugtraq&m=136485229118404&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=136485229118404&w=2
3
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3190.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3190.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3190
reference_id
reference_type
scores
0
value 0.00872
scoring_system epss
scoring_elements 0.75249
published_at 2026-04-16T12:55:00Z
1
value 0.00872
scoring_system epss
scoring_elements 0.75167
published_at 2026-04-01T12:55:00Z
2
value 0.00872
scoring_system epss
scoring_elements 0.7517
published_at 2026-04-02T12:55:00Z
3
value 0.00872
scoring_system epss
scoring_elements 0.75201
published_at 2026-04-04T12:55:00Z
4
value 0.00872
scoring_system epss
scoring_elements 0.75177
published_at 2026-04-07T12:55:00Z
5
value 0.00872
scoring_system epss
scoring_elements 0.75212
published_at 2026-04-08T12:55:00Z
6
value 0.00872
scoring_system epss
scoring_elements 0.75224
published_at 2026-04-09T12:55:00Z
7
value 0.00872
scoring_system epss
scoring_elements 0.75245
published_at 2026-04-11T12:55:00Z
8
value 0.00872
scoring_system epss
scoring_elements 0.75222
published_at 2026-04-12T12:55:00Z
9
value 0.00872
scoring_system epss
scoring_elements 0.75211
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3190
6
reference_url http://securityreason.com/securityalert/8362
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/8362
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/69472
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url https://github.com/apache/tomcat55/commit/be3eb28f82250a5c81a1c42216570ebf892aefac
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat55/commit/be3eb28f82250a5c81a1c42216570ebf892aefac
10
reference_url https://github.com/apache/tomcat70/commit/90ec9675fa080e22df5f9e3e7019a19eb2faec14
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/90ec9675fa080e22df5f9e3e7019a19eb2faec14
11
reference_url https://github.com/apache/tomcat/commit/a2538ce78f83b7376c48d12d8247600079d789b1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a2538ce78f83b7376c48d12d8247600079d789b1
12
reference_url https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/bugzilla/show_bug.cgi?id=51698
13
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
17
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933
18
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465
19
reference_url https://svn.apache.org/viewvc?view=rev&rev=1162958
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1162958
20
reference_url https://svn.apache.org/viewvc?view=rev&rev=1162959
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1162959
21
reference_url https://svn.apache.org/viewvc?view=rev&rev=1162960
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1162960
22
reference_url https://web.archive.org/web/20130121232525/http://www.securityfocus.com/archive/1/519466/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130121232525/http://www.securityfocus.com/archive/1/519466/100/0/threaded
23
reference_url https://web.archive.org/web/20130314002148/http://www.securityfocus.com/bid/49353
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130314002148/http://www.securityfocus.com/bid/49353
24
reference_url https://web.archive.org/web/20131214094052/http://www.securitytracker.com/id?1025993
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131214094052/http://www.securitytracker.com/id?1025993
25
reference_url http://www.debian.org/security/2012/dsa-2401
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2401
26
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:156
27
reference_url http://www.securityfocus.com/archive/1/519466/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/519466/100/0/threaded
28
reference_url http://www.securityfocus.com/bid/49353
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/49353
29
reference_url http://www.securitytracker.com/id?1025993
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1025993
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=734868
reference_id 734868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=734868
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
reference_id CVE-2011-3190
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3190
reference_id CVE-2011-3190
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3190
33
reference_url https://github.com/advisories/GHSA-c38m-v4m2-524v
reference_id GHSA-c38m-v4m2-524v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c38m-v4m2-524v
34
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
35
reference_url https://access.redhat.com/errata/RHSA-2011:1780
reference_id RHSA-2011:1780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1780
36
reference_url https://access.redhat.com/errata/RHSA-2012:0679
reference_id RHSA-2012:0679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0679
37
reference_url https://access.redhat.com/errata/RHSA-2012:0680
reference_id RHSA-2012:0680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0680
38
reference_url https://access.redhat.com/errata/RHSA-2012:0681
reference_id RHSA-2012:0681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0681
39
reference_url https://access.redhat.com/errata/RHSA-2012:0682
reference_id RHSA-2012:0682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0682
40
reference_url https://usn.ubuntu.com/1252-1/
reference_id USN-1252-1
reference_type
scores
url https://usn.ubuntu.com/1252-1/
fixed_packages
0
url pkg:apache/tomcat@5.5.34
purl pkg:apache/tomcat@5.5.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.34
1
url pkg:apache/tomcat@6.0.35
purl pkg:apache/tomcat@6.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fpuc-fe6m-47c6
1
vulnerability VCID-mwk8-b5c9-kbb9
2
vulnerability VCID-n76n-ywja-rbhh
3
vulnerability VCID-ta1m-dh8x-nubc
4
vulnerability VCID-vd1s-m27a-8ucc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.35
2
url pkg:apache/tomcat@7.0.21
purl pkg:apache/tomcat@7.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hxj6-mupf-abbc
1
vulnerability VCID-j2j9-avuw-n3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.21
aliases CVE-2011-3190, GHSA-c38m-v4m2-524v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-quwu-ep21-cyew
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.21