Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tomcat/tomcat@5.5.32

Type maven

Namespace org.apache.tomcat

Name tomcat

Version 5.5.32

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 9.0.117

Latest_non_vulnerable_version 11.0.21

Affected_by_vulnerabilities

url VCID-618c-ar98-qfcr

vulnerability_id VCID-618c-ar98-qfcr

summary native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2729.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2729.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2729

reference_id

reference_type

scores

value	0.08784
scoring_system	epss
scoring_elements	0.92531
published_at	2026-04-16T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92479
published_at	2026-04-01T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92485
published_at	2026-04-02T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92494
published_at	2026-04-04T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92497
published_at	2026-04-07T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92509
published_at	2026-04-08T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92514
published_at	2026-04-09T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.9252
published_at	2026-04-13T12:55:00Z

value	0.08784
scoring_system	epss
scoring_elements	0.92521
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2729

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1153379
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1153379

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1153824
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1153824

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1159346
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1159346

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=730400
reference_id	730400
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=730400

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729

reference_id

CVE-2011-2729

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729

reference_url	https://security.gentoo.org/glsa/201206-24
reference_id	GLSA-201206-24
reference_type
scores
url	https://security.gentoo.org/glsa/201206-24

reference_url	https://access.redhat.com/errata/RHSA-2011:1291
reference_id	RHSA-2011:1291
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1291

reference_url	https://access.redhat.com/errata/RHSA-2011:1292
reference_id	RHSA-2011:1292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1292

reference_url	https://usn.ubuntu.com/1298-1/
reference_id	USN-1298-1
reference_type
scores
url	https://usn.ubuntu.com/1298-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@5.5.34

purl pkg:maven/org.apache.tomcat/tomcat@5.5.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hhk9-cr54-8fgc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.34

url pkg:maven/org.apache.tomcat/tomcat@6.0.33

purl pkg:maven/org.apache.tomcat/tomcat@6.0.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a9bd-d31y-k7g6

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.33

url pkg:maven/org.apache.tomcat/tomcat@7.0.20

purl pkg:maven/org.apache.tomcat/tomcat@7.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.20

aliases CVE-2011-2729

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-618c-ar98-qfcr

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.32

Package Instance