Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1434?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1434?format=api", "purl": "pkg:apache/tomcat@5.5.35", "type": "apache", "namespace": "", "name": "tomcat", "version": "5.5.35", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.5.36", "latest_non_vulnerable_version": "11.0.21", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4565?format=api", "vulnerability_id": "VCID-n76n-ywja-rbhh", "summary": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5885, CVE-2012-5886, CVE-2012-5887. Reason: This candidate is a duplicate of CVE-2012-5885, CVE-2012-5886, and CVE-2012-5887. Notes: All CVE users should reference one or more of CVE-2012-5885, CVE-2012-5886, and CVE-2012-5887 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3439.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3439.json" }, { "reference_url": "https://github.com/apache/tomcat55/commit/83adfde198d8f9305edbd240e0081a2bb7902cfd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat55/commit/83adfde198d8f9305edbd240e0081a2bb7902cfd" }, { "reference_url": "https://github.com/apache/tomcat70/commit/74a0585c82d981e80c82cd88d1cbcdb80082b77b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/74a0585c82d981e80c82cd88d1cbcdb80082b77b" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1377807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1377807" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1380829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1380829" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1392248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1392248" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275985", "reference_id": "1275985", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439", "reference_id": "CVE-2012-3439", "reference_type": "", "scores": [ { "value": "Moderate", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3439", "reference_id": "CVE-2012-3439", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3439" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1435?format=api", "purl": "pkg:apache/tomcat@5.5.36", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/1390?format=api", "purl": "pkg:apache/tomcat@6.0.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-p4dn-y54m-8fd1" }, { "vulnerability": "VCID-ryha-ndms-afbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/1326?format=api", "purl": "pkg:apache/tomcat@7.0.30", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.30" } ], "aliases": [ "CVE-2012-3439" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n76n-ywja-rbhh" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4546?format=api", "vulnerability_id": "VCID-hhk9-cr54-8fgc", "summary": "Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.", "references": [ { "reference_url": "http://marc.info/?l=bugtraq&m=132871655717248&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=132871655717248&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133294394108746&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=133294394108746&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-0074.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-0074.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-0075.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-0075.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-0076.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-0076.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-1331.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-1331.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0074", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2012:0074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0075", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2012:0075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0076", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2012:0076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1331", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2012:1331" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0022.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95959", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95965", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95977", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.9595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95983", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95985", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.95938", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23418", "scoring_system": "epss", "scoring_elements": "0.9593", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0022" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72425", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72425" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat55/commit/0314fe7743cb72e469cb395ccaaf2793a2ea0355", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat55/commit/0314fe7743cb72e469cb395ccaaf2793a2ea0355" }, { "reference_url": "https://github.com/apache/tomcat55/commit/7a1cfb6bd2f849806e7c060dda8648409ad8714e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat55/commit/7a1cfb6bd2f849806e7c060dda8648409ad8714e" }, { "reference_url": "https://github.com/apache/tomcat55/commit/b05497eff4311a9657de6dfc53511d0309eb9db4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat55/commit/b05497eff4311a9657de6dfc53511d0309eb9db4" }, { "reference_url": "https://github.com/apache/tomcat70/commit/0351f661e9219a0682df1d2a9265c518438279c6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/0351f661e9219a0682df1d2a9265c518438279c6" }, { "reference_url": "https://github.com/apache/tomcat70/commit/0569aa6a01a74d51b93fd0027288358825fc03d5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/0569aa6a01a74d51b93fd0027288358825fc03d5" }, { "reference_url": "https://github.com/apache/tomcat70/commit/0c5d3a903598abd7c7ebe1b00e27a6574339c417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/0c5d3a903598abd7c7ebe1b00e27a6574339c417" }, { "reference_url": "https://github.com/apache/tomcat70/commit/233dcc857e0faf8bc94325be5fb287aa70ee944f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/233dcc857e0faf8bc94325be5fb287aa70ee944f" }, { "reference_url": "https://github.com/apache/tomcat70/commit/597edaab8863df03f7bdc4eafb39e754fd3cd322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/597edaab8863df03f7bdc4eafb39e754fd3cd322" }, { "reference_url": "https://github.com/apache/tomcat70/commit/5fd94ded5ebc57926974064d9b1e82e8f44c743c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/5fd94ded5ebc57926974064d9b1e82e8f44c743c" }, { "reference_url": "https://github.com/apache/tomcat70/commit/7b05232350c11370ab9385185a57ccd1fe7da09f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/7b05232350c11370ab9385185a57ccd1fe7da09f" }, { "reference_url": "https://github.com/apache/tomcat70/commit/9649a2147ce04753bb0bbe2be8e66444670c6db5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/9649a2147ce04753bb0bbe2be8e66444670c6db5" }, { "reference_url": "https://github.com/apache/tomcat70/commit/a2fede48c2d8130db216ea2261c376d723021aa4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/a2fede48c2d8130db216ea2261c376d723021aa4" }, { "reference_url": "https://github.com/apache/tomcat70/commit/a4bfa01d4e6fd677f6831ab7b3e513c8b94c6185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/a4bfa01d4e6fd677f6831ab7b3e513c8b94c6185" }, { "reference_url": "https://github.com/apache/tomcat70/commit/c2508191c17acd5e530d80a623a4ac28a8b23128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/c2508191c17acd5e530d80a623a4ac28a8b23128" }, { "reference_url": "https://github.com/apache/tomcat70/commit/c7950cf9f2d7790a40113d2b50e52cbb337a8fe9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/c7950cf9f2d7790a40113d2b50e52cbb337a8fe9" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:16925", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:16925" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:18934", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:18934" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1189899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1189899" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1190372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1190372" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1190482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1190482" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1194917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1194917" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195225" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195226" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195537" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195909" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195944" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195951" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1195977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1195977" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1198641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1198641" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1200601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1200601" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1206324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1206324" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1221282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1221282" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1224640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1224640" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1228191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1228191" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1229027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1229027" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-7.html" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2401", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2401" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=783359", "reference_id": "783359", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022", "reference_id": "CVE-2012-0022", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0022", "reference_id": "CVE-2012-0022", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0022" }, { "reference_url": "https://github.com/advisories/GHSA-8h2q-qm9x-55jc", "reference_id": "GHSA-8h2q-qm9x-55jc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8h2q-qm9x-55jc" }, { "reference_url": "https://security.gentoo.org/glsa/201206-24", "reference_id": "GLSA-201206-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0077", "reference_id": "RHSA-2012:0077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0078", "reference_id": "RHSA-2012:0078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0325", "reference_id": "RHSA-2012:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0345", "reference_id": "RHSA-2012:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0474", "reference_id": "RHSA-2012:0474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0475", "reference_id": "RHSA-2012:0475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0679", "reference_id": "RHSA-2012:0679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0680", "reference_id": "RHSA-2012:0680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0681", "reference_id": "RHSA-2012:0681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0682", "reference_id": "RHSA-2012:0682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0682" }, { "reference_url": "https://usn.ubuntu.com/1359-1/", "reference_id": "USN-1359-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1359-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1434?format=api", "purl": "pkg:apache/tomcat@5.5.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n76n-ywja-rbhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/1393?format=api", "purl": "pkg:apache/tomcat@6.0.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fpuc-fe6m-47c6" }, { "vulnerability": "VCID-mwk8-b5c9-kbb9" }, { "vulnerability": "VCID-n76n-ywja-rbhh" }, { "vulnerability": "VCID-ta1m-dh8x-nubc" }, { "vulnerability": "VCID-vd1s-m27a-8ucc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/1239?format=api", "purl": "pkg:apache/tomcat@7.0.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f77q-v5xp-e7dy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.23" } ], "aliases": [ "CVE-2012-0022", "GHSA-8h2q-qm9x-55jc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhk9-cr54-8fgc" } ], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.35" }