Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@5.5.21
Typeapache
Namespace
Nametomcat
Version5.5.21
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.5.30
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-87p8-zvvf-y7dm
vulnerability_id VCID-87p8-zvvf-y7dm
summary Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
2
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
3
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
4
reference_url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
reference_id
reference_type
scores
0
value 0.91133
scoring_system epss
scoring_elements 0.99647
published_at 2026-04-16T12:55:00Z
1
value 0.91133
scoring_system epss
scoring_elements 0.99646
published_at 2026-04-13T12:55:00Z
2
value 0.91133
scoring_system epss
scoring_elements 0.99645
published_at 2026-04-11T12:55:00Z
3
value 0.91133
scoring_system epss
scoring_elements 0.99644
published_at 2026-04-07T12:55:00Z
4
value 0.91133
scoring_system epss
scoring_elements 0.99642
published_at 2026-04-02T12:55:00Z
5
value 0.91133
scoring_system epss
scoring_elements 0.99643
published_at 2026-04-04T12:55:00Z
6
value 0.91133
scoring_system epss
scoring_elements 0.99649
published_at 2026-04-21T12:55:00Z
7
value 0.91133
scoring_system epss
scoring_elements 0.99648
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
7
reference_url http://secunia.com/advisories/24732
reference_id
reference_type
scores
url http://secunia.com/advisories/24732
8
reference_url http://secunia.com/advisories/25106
reference_id
reference_type
scores
url http://secunia.com/advisories/25106
9
reference_url http://secunia.com/advisories/25280
reference_id
reference_type
scores
url http://secunia.com/advisories/25280
10
reference_url http://secunia.com/advisories/26235
reference_id
reference_type
scores
url http://secunia.com/advisories/26235
11
reference_url http://secunia.com/advisories/26660
reference_id
reference_type
scores
url http://secunia.com/advisories/26660
12
reference_url http://secunia.com/advisories/27037
reference_id
reference_type
scores
url http://secunia.com/advisories/27037
13
reference_url http://secunia.com/advisories/28365
reference_id
reference_type
scores
url http://secunia.com/advisories/28365
14
reference_url http://secunia.com/advisories/30899
reference_id
reference_type
scores
url http://secunia.com/advisories/30899
15
reference_url http://secunia.com/advisories/30908
reference_id
reference_type
scores
url http://secunia.com/advisories/30908
16
reference_url http://secunia.com/advisories/33668
reference_id
reference_type
scores
url http://secunia.com/advisories/33668
17
reference_url http://security.gentoo.org/glsa/glsa-200705-03.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200705-03.xml
18
reference_url http://securityreason.com/securityalert/2446
reference_id
reference_type
scores
url http://securityreason.com/securityalert/2446
19
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
20
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
21
reference_url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
22
reference_url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
23
reference_url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
24
reference_url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
25
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
43
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
44
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643
45
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
46
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
47
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
48
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
49
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
50
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
51
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html
reference_id
reference_type
scores
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html
52
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
53
reference_url http://www.novell.com/linux/security/advisories/2007_15_sr.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_15_sr.html
54
reference_url http://www.novell.com/linux/security/advisories/2007_5_sr.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_5_sr.html
55
reference_url http://www.redhat.com/support/errata/RHSA-2007-0327.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0327.html
56
reference_url http://www.redhat.com/support/errata/RHSA-2007-0360.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0360.html
57
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
58
reference_url http://www.sec-consult.com/287.html
reference_id
reference_type
scores
url http://www.sec-consult.com/287.html
59
reference_url http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt
reference_id
reference_type
scores
url http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt
60
reference_url http://www.securityfocus.com/archive/1/462791/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/462791/100/0/threaded
61
reference_url http://www.securityfocus.com/archive/1/485938/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/485938/100/0/threaded
62
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
63
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
64
reference_url http://www.securityfocus.com/bid/22960
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/22960
65
reference_url http://www.securityfocus.com/bid/25159
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/25159
66
reference_url http://www.vupen.com/english/advisories/2007/0975
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0975
67
reference_url http://www.vupen.com/english/advisories/2007/2732
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/2732
68
reference_url http://www.vupen.com/english/advisories/2007/3087
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3087
69
reference_url http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3386
70
reference_url http://www.vupen.com/english/advisories/2008/0065
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/0065
71
reference_url http://www.vupen.com/english/advisories/2008/1979/references
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1979/references
72
reference_url http://www.vupen.com/english/advisories/2009/0233
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0233
73
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237080
reference_id 237080
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237080
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
76
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
reference_id CVE-2007-0450
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
78
reference_url https://www.securityfocus.com/bid/22960/info
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://www.securityfocus.com/bid/22960/info
79
reference_url https://github.com/advisories/GHSA-4prh-gqw8-rgh5
reference_id GHSA-4prh-gqw8-rgh5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4prh-gqw8-rgh5
80
reference_url https://security.gentoo.org/glsa/200705-03
reference_id GLSA-200705-03
reference_type
scores
url https://security.gentoo.org/glsa/200705-03
81
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
82
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
0
url pkg:apache/tomcat@5.5.22
purl pkg:apache/tomcat@5.5.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6epr-2hbd-skcz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.22
1
url pkg:apache/tomcat@6.0.10
purl pkg:apache/tomcat@6.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27q8-96un-9fbk
1
vulnerability VCID-6epr-2hbd-skcz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.10
aliases CVE-2007-0450, GHSA-4prh-gqw8-rgh5
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87p8-zvvf-y7dm
Fixing_vulnerabilities
0
url VCID-8w1a-ww52-x7em
vulnerability_id VCID-8w1a-ww52-x7em
summary The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
references
0
reference_url http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html
1
reference_url http://jvn.jp/en/jp/JVN66905322/index.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN66905322/index.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4308.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4308.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4308
reference_id
reference_type
scores
0
value 0.07599
scoring_system epss
scoring_elements 0.91867
published_at 2026-04-21T12:55:00Z
1
value 0.07599
scoring_system epss
scoring_elements 0.9181
published_at 2026-04-01T12:55:00Z
2
value 0.07599
scoring_system epss
scoring_elements 0.91819
published_at 2026-04-02T12:55:00Z
3
value 0.07599
scoring_system epss
scoring_elements 0.91825
published_at 2026-04-04T12:55:00Z
4
value 0.07599
scoring_system epss
scoring_elements 0.91833
published_at 2026-04-07T12:55:00Z
5
value 0.07599
scoring_system epss
scoring_elements 0.91845
published_at 2026-04-08T12:55:00Z
6
value 0.07599
scoring_system epss
scoring_elements 0.91851
published_at 2026-04-09T12:55:00Z
7
value 0.07599
scoring_system epss
scoring_elements 0.91855
published_at 2026-04-11T12:55:00Z
8
value 0.07599
scoring_system epss
scoring_elements 0.91856
published_at 2026-04-12T12:55:00Z
9
value 0.07599
scoring_system epss
scoring_elements 0.91852
published_at 2026-04-13T12:55:00Z
10
value 0.07599
scoring_system epss
scoring_elements 0.91871
published_at 2026-04-16T12:55:00Z
11
value 0.07599
scoring_system epss
scoring_elements 0.91868
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4308
4
reference_url http://secunia.com/advisories/34057
reference_id
reference_type
scores
url http://secunia.com/advisories/34057
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://issues.apache.org/bugzilla/show_bug.cgi?id=40771
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/bugzilla/show_bug.cgi?id=40771
7
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://web.archive.org/web/20090228052951/http://secunia.com/advisories/34057
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090228052951/http://secunia.com/advisories/34057
14
reference_url https://web.archive.org/web/20111229174634/http://www.securityfocus.com/archive/1/501250
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111229174634/http://www.securityfocus.com/archive/1/501250
15
reference_url https://web.archive.org/web/20201207165808/http://www.securityfocus.com/bid/33913
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207165808/http://www.securityfocus.com/bid/33913
16
reference_url http://www.securityfocus.com/archive/1/501250
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/501250
17
reference_url http://www.securityfocus.com/bid/33913
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33913
18
reference_url http://www.vupen.com/english/advisories/2009/0541
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0541
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=488040
reference_id 488040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=488040
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308
reference_id CVE-2008-4308
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4308
reference_id CVE-2008-4308
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-4308
36
reference_url https://github.com/advisories/GHSA-7g59-hm8v-cwmc
reference_id GHSA-7g59-hm8v-cwmc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7g59-hm8v-cwmc
fixed_packages
0
url pkg:apache/tomcat@4.1.35
purl pkg:apache/tomcat@4.1.35
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.35
1
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
aliases CVE-2008-4308, GHSA-7g59-hm8v-cwmc
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8w1a-ww52-x7em
1
url VCID-qdck-q54n-rkcv
vulnerability_id VCID-qdck-q54n-rkcv
summary The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
reference_id
reference_type
scores
0
value 0.03858
scoring_system epss
scoring_elements 0.88224
published_at 2026-04-21T12:55:00Z
1
value 0.03858
scoring_system epss
scoring_elements 0.88153
published_at 2026-04-01T12:55:00Z
2
value 0.03858
scoring_system epss
scoring_elements 0.88162
published_at 2026-04-02T12:55:00Z
3
value 0.03858
scoring_system epss
scoring_elements 0.88178
published_at 2026-04-04T12:55:00Z
4
value 0.03858
scoring_system epss
scoring_elements 0.88184
published_at 2026-04-07T12:55:00Z
5
value 0.03858
scoring_system epss
scoring_elements 0.88203
published_at 2026-04-08T12:55:00Z
6
value 0.03858
scoring_system epss
scoring_elements 0.88209
published_at 2026-04-09T12:55:00Z
7
value 0.03858
scoring_system epss
scoring_elements 0.8822
published_at 2026-04-11T12:55:00Z
8
value 0.03858
scoring_system epss
scoring_elements 0.88213
published_at 2026-04-12T12:55:00Z
9
value 0.03858
scoring_system epss
scoring_elements 0.88212
published_at 2026-04-13T12:55:00Z
10
value 0.03858
scoring_system epss
scoring_elements 0.88226
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
2
reference_url https://svn.apache.org/viewvc?view=rev&rev=684900
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=684900
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=429821
reference_id 429821
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=429821
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
reference_id CVE-2008-0128
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
5
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:apache/tomcat@4.1.39
purl pkg:apache/tomcat@4.1.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4rcx-xfn5-7kdb
1
vulnerability VCID-bung-pa58-ayfv
2
vulnerability VCID-dcrp-rae1-zfcm
3
vulnerability VCID-mnf8-t3ew-4fgb
4
vulnerability VCID-r84b-7ay9-ekcm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.39
1
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
2
url pkg:apache/tomcat@6.0.9
purl pkg:apache/tomcat@6.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.9
aliases CVE-2008-0128
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdck-q54n-rkcv
2
url VCID-qxkf-4ddv-j3b7
vulnerability_id VCID-qxkf-4ddv-j3b7
summary Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
2
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
3
reference_url http://jvn.jp/jp/JVN%2316535199/index.html
reference_id
reference_type
scores
url http://jvn.jp/jp/JVN%2316535199/index.html
4
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
5
reference_url http://osvdb.org/34881
reference_id
reference_type
scores
url http://osvdb.org/34881
6
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
reference_id
reference_type
scores
0
value 0.39862
scoring_system epss
scoring_elements 0.97324
published_at 2026-04-13T12:55:00Z
1
value 0.39862
scoring_system epss
scoring_elements 0.97323
published_at 2026-04-12T12:55:00Z
2
value 0.39862
scoring_system epss
scoring_elements 0.97322
published_at 2026-04-11T12:55:00Z
3
value 0.39862
scoring_system epss
scoring_elements 0.9732
published_at 2026-04-09T12:55:00Z
4
value 0.39862
scoring_system epss
scoring_elements 0.97313
published_at 2026-04-07T12:55:00Z
5
value 0.39862
scoring_system epss
scoring_elements 0.97312
published_at 2026-04-04T12:55:00Z
6
value 0.39862
scoring_system epss
scoring_elements 0.97307
published_at 2026-04-02T12:55:00Z
7
value 0.39862
scoring_system epss
scoring_elements 0.97301
published_at 2026-04-01T12:55:00Z
8
value 0.39862
scoring_system epss
scoring_elements 0.97335
published_at 2026-04-21T12:55:00Z
9
value 0.39862
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
9
reference_url http://secunia.com/advisories/25721
reference_id
reference_type
scores
url http://secunia.com/advisories/25721
10
reference_url http://secunia.com/advisories/26235
reference_id
reference_type
scores
url http://secunia.com/advisories/26235
11
reference_url http://secunia.com/advisories/26660
reference_id
reference_type
scores
url http://secunia.com/advisories/26660
12
reference_url http://secunia.com/advisories/27037
reference_id
reference_type
scores
url http://secunia.com/advisories/27037
13
reference_url http://secunia.com/advisories/27727
reference_id
reference_type
scores
url http://secunia.com/advisories/27727
14
reference_url http://secunia.com/advisories/30899
reference_id
reference_type
scores
url http://secunia.com/advisories/30899
15
reference_url http://secunia.com/advisories/30908
reference_id
reference_type
scores
url http://secunia.com/advisories/30908
16
reference_url http://secunia.com/advisories/31493
reference_id
reference_type
scores
url http://secunia.com/advisories/31493
17
reference_url http://secunia.com/advisories/33668
reference_id
reference_type
scores
url http://secunia.com/advisories/33668
18
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679
25
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
26
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
27
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
28
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
29
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html
reference_id
reference_type
scores
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html
30
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
31
reference_url http://www.securityfocus.com/archive/1/471719/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/471719/100/0/threaded
32
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
33
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
34
reference_url http://www.securityfocus.com/bid/24524
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/24524
35
reference_url http://www.securityfocus.com/bid/25159
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/25159
36
reference_url http://www.securitytracker.com/id?1018269
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1018269
37
reference_url http://www.vupen.com/english/advisories/2007/1729
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/1729
38
reference_url http://www.vupen.com/english/advisories/2007/2732
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/2732
39
reference_url http://www.vupen.com/english/advisories/2007/3087
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3087
40
reference_url http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3386
41
reference_url http://www.vupen.com/english/advisories/2008/1979/references
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1979/references
42
reference_url http://www.vupen.com/english/advisories/2009/0233
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0233
43
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244803
reference_id 244803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244803
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
53
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
54
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
55
reference_url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
reference_id GHSA-xmc9-6p56-3c4v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
56
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
57
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
58
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:apache/tomcat@4.1.36
purl pkg:apache/tomcat@4.1.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27q8-96un-9fbk
1
vulnerability VCID-6p3e-4u8s-17ep
2
vulnerability VCID-7969-7a8h-zyhh
3
vulnerability VCID-88v7-kc2y-bfd7
4
vulnerability VCID-mp3r-5531-uqg5
5
vulnerability VCID-p45v-qpgg-qqfj
6
vulnerability VCID-peya-mr7j-vugf
7
vulnerability VCID-tcju-3rvu-wkht
8
vulnerability VCID-v94p-bxm3-akfd
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.36
1
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
2
url pkg:apache/tomcat@6.0.6
purl pkg:apache/tomcat@6.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.6
aliases CVE-2007-1358, GHSA-xmc9-6p56-3c4v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxkf-4ddv-j3b7
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21