Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@6.0.12
Typeapache
Namespace
Nametomcat
Version6.0.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.0.24
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-886n-1vzv-syc6
vulnerability_id VCID-886n-1vzv-syc6
summary Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
references
0
reference_url http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html
reference_id
reference_type
scores
url http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html
1
reference_url http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
2
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4172.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4172.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4172
reference_id
reference_type
scores
0
value 0.11901
scoring_system epss
scoring_elements 0.93712
published_at 2026-04-02T12:55:00Z
1
value 0.11901
scoring_system epss
scoring_elements 0.93772
published_at 2026-04-21T12:55:00Z
2
value 0.11901
scoring_system epss
scoring_elements 0.93769
published_at 2026-04-18T12:55:00Z
3
value 0.11901
scoring_system epss
scoring_elements 0.93763
published_at 2026-04-16T12:55:00Z
4
value 0.11901
scoring_system epss
scoring_elements 0.93741
published_at 2026-04-13T12:55:00Z
5
value 0.11901
scoring_system epss
scoring_elements 0.93703
published_at 2026-04-01T12:55:00Z
6
value 0.11901
scoring_system epss
scoring_elements 0.9374
published_at 2026-04-12T12:55:00Z
7
value 0.11901
scoring_system epss
scoring_elements 0.93736
published_at 2026-04-09T12:55:00Z
8
value 0.11901
scoring_system epss
scoring_elements 0.93734
published_at 2026-04-08T12:55:00Z
9
value 0.11901
scoring_system epss
scoring_elements 0.93725
published_at 2026-04-07T12:55:00Z
10
value 0.11901
scoring_system epss
scoring_elements 0.93722
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4172
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=656246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=656246
6
reference_url http://secunia.com/advisories/42337
reference_id
reference_type
scores
url http://secunia.com/advisories/42337
7
reference_url http://secunia.com/advisories/43019
reference_id
reference_type
scores
url http://secunia.com/advisories/43019
8
reference_url http://secunia.com/advisories/45022
reference_id
reference_type
scores
url http://secunia.com/advisories/45022
9
reference_url http://secunia.com/advisories/57126
reference_id
reference_type
scores
url http://secunia.com/advisories/57126
10
reference_url http://securitytracker.com/id?1024764
reference_id
reference_type
scores
url http://securitytracker.com/id?1024764
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/63422
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/63422
12
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
13
reference_url https://github.com/apache/tomcat/commit/5971f9392edc6d70808b2599b062b050fcd11d23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5971f9392edc6d70808b2599b062b050fcd11d23
14
reference_url https://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
15
reference_url https://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=139344343412337&w=2
16
reference_url https://svn.apache.org/viewvc?view=rev&rev=1037778
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1037778
17
reference_url https://svn.apache.org/viewvc?view=rev&rev=1037779
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1037779
18
reference_url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.5
19
reference_url http://support.apple.com/kb/HT5002
reference_id
reference_type
scores
url http://support.apple.com/kb/HT5002
20
reference_url http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
reference_id
reference_type
scores
url http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
21
reference_url http://svn.apache.org/viewvc?view=revision&revision=1037778
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1037778
22
reference_url http://svn.apache.org/viewvc?view=revision&revision=1037779
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1037779
23
reference_url https://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/support/errata/RHSA-2011-0896.html
24
reference_url https://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/support/errata/RHSA-2011-0897.html
25
reference_url https://www.securityfocus.com/archive/1/514866/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.securityfocus.com/archive/1/514866/100/0/threaded
26
reference_url https://www.ubuntu.com/usn/USN-1048-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.ubuntu.com/usn/USN-1048-1
27
reference_url https://www.vupen.com/english/advisories/2010/3047
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vupen.com/english/advisories/2010/3047
28
reference_url https://www.vupen.com/english/advisories/2011/0203
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vupen.com/english/advisories/2011/0203
29
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
url http://tomcat.apache.org/security-6.html
30
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
url http://tomcat.apache.org/security-7.html
31
reference_url http://www.redhat.com/support/errata/RHSA-2011-0791.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2011-0791.html
32
reference_url http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2011-0896.html
33
reference_url http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2011-0897.html
34
reference_url http://www.securityfocus.com/archive/1/514866/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/514866/100/0/threaded
35
reference_url http://www.securityfocus.com/bid/45015
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/45015
36
reference_url http://www.ubuntu.com/usn/USN-1048-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1048-1
37
reference_url http://www.vupen.com/english/advisories/2010/3047
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/3047
38
reference_url http://www.vupen.com/english/advisories/2011/0203
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0203
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
59
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
reference_id CVE-2010-4172
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
1
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
60
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-4172
reference_id CVE-2010-4172
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-4172
61
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35011.txt
reference_id CVE-2010-4172;OSVDB-69456
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35011.txt
62
reference_url https://www.securityfocus.com/bid/45015/info
reference_id CVE-2010-4172;OSVDB-69456
reference_type exploit
scores
url https://www.securityfocus.com/bid/45015/info
63
reference_url https://github.com/advisories/GHSA-c78g-qwpw-2jgv
reference_id GHSA-c78g-qwpw-2jgv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c78g-qwpw-2jgv
64
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
65
reference_url https://usn.ubuntu.com/1048-1/
reference_id USN-1048-1
reference_type
scores
url https://usn.ubuntu.com/1048-1/
fixed_packages
0
url pkg:apache/tomcat@6.0.30
purl pkg:apache/tomcat@6.0.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-618c-ar98-qfcr
1
vulnerability VCID-7ej8-5f77-cybb
2
vulnerability VCID-hxj6-mupf-abbc
3
vulnerability VCID-ta1m-dh8x-nubc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.30
1
url pkg:apache/tomcat@7.0.5
purl pkg:apache/tomcat@7.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dhun-hj5q-dfch
1
vulnerability VCID-kyb8-rvyw-s7b1
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.5
aliases CVE-2010-4172, GHSA-c78g-qwpw-2jgv
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-886n-1vzv-syc6
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.12