Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@7.0.21
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version7.0.21
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.117
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-hxj6-mupf-abbc
vulnerability_id VCID-hxj6-mupf-abbc
summary Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
reference_id
reference_type
scores
0
value 0.02015
scoring_system epss
scoring_elements 0.83692
published_at 2026-04-04T12:55:00Z
1
value 0.02015
scoring_system epss
scoring_elements 0.83764
published_at 2026-04-16T12:55:00Z
2
value 0.02015
scoring_system epss
scoring_elements 0.8373
published_at 2026-04-13T12:55:00Z
3
value 0.02015
scoring_system epss
scoring_elements 0.83735
published_at 2026-04-12T12:55:00Z
4
value 0.02015
scoring_system epss
scoring_elements 0.83741
published_at 2026-04-11T12:55:00Z
5
value 0.02015
scoring_system epss
scoring_elements 0.83725
published_at 2026-04-09T12:55:00Z
6
value 0.02015
scoring_system epss
scoring_elements 0.83718
published_at 2026-04-08T12:55:00Z
7
value 0.02015
scoring_system epss
scoring_elements 0.83665
published_at 2026-04-01T12:55:00Z
8
value 0.02015
scoring_system epss
scoring_elements 0.83678
published_at 2026-04-02T12:55:00Z
9
value 0.02015
scoring_system epss
scoring_elements 0.83695
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
4
reference_url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
6
reference_url https://svn.apache.org/viewvc?view=rev&rev=1176592
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1176592
7
reference_url https://svn.apache.org/viewvc?view=rev&rev=1185998
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1185998
8
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
9
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
10
reference_url http://www.debian.org/security/2012/dsa-2401
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2401
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=782624
reference_id 782624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=782624
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
reference_id CVE-2011-3375
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
13
reference_url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
reference_id GHSA-rp8h-vr48-4j8p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
14
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
15
reference_url https://access.redhat.com/errata/RHSA-2012:0681
reference_id RHSA-2012:0681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0681
16
reference_url https://access.redhat.com/errata/RHSA-2012:0682
reference_id RHSA-2012:0682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0682
17
reference_url https://usn.ubuntu.com/1359-1/
reference_id USN-1359-1
reference_type
scores
url https://usn.ubuntu.com/1359-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.22
purl pkg:maven/org.apache.tomcat/tomcat@7.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.22
aliases CVE-2011-3375, GHSA-rp8h-vr48-4j8p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxj6-mupf-abbc
1
url VCID-j2j9-avuw-n3eq
vulnerability_id VCID-j2j9-avuw-n3eq
summary org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3376.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3376.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3376
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53296
published_at 2026-04-16T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53175
published_at 2026-04-01T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53199
published_at 2026-04-02T12:55:00Z
3
value 0.00299
scoring_system epss
scoring_elements 0.53224
published_at 2026-04-04T12:55:00Z
4
value 0.00299
scoring_system epss
scoring_elements 0.53192
published_at 2026-04-07T12:55:00Z
5
value 0.00299
scoring_system epss
scoring_elements 0.53245
published_at 2026-04-08T12:55:00Z
6
value 0.00299
scoring_system epss
scoring_elements 0.53239
published_at 2026-04-09T12:55:00Z
7
value 0.00299
scoring_system epss
scoring_elements 0.5329
published_at 2026-04-11T12:55:00Z
8
value 0.00299
scoring_system epss
scoring_elements 0.53275
published_at 2026-04-12T12:55:00Z
9
value 0.00299
scoring_system epss
scoring_elements 0.53258
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3376
2
reference_url https://svn.apache.org/viewvc?view=rev&rev=1176588
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1176588
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=752371
reference_id 752371
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=752371
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376
reference_id CVE-2011-3376
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.22
purl pkg:maven/org.apache.tomcat/tomcat@7.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.22
aliases CVE-2011-3376
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2j9-avuw-n3eq
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.21