Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@5.5.20
Typeapache
Namespace
Nametomcat
Version5.5.20
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.5.30
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-8w1a-ww52-x7em
vulnerability_id VCID-8w1a-ww52-x7em
summary The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
references
0
reference_url http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000010.html
1
reference_url http://jvn.jp/en/jp/JVN66905322/index.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN66905322/index.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4308.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4308.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4308
reference_id
reference_type
scores
0
value 0.07599
scoring_system epss
scoring_elements 0.91867
published_at 2026-04-21T12:55:00Z
1
value 0.07599
scoring_system epss
scoring_elements 0.9181
published_at 2026-04-01T12:55:00Z
2
value 0.07599
scoring_system epss
scoring_elements 0.91819
published_at 2026-04-02T12:55:00Z
3
value 0.07599
scoring_system epss
scoring_elements 0.91825
published_at 2026-04-04T12:55:00Z
4
value 0.07599
scoring_system epss
scoring_elements 0.91833
published_at 2026-04-07T12:55:00Z
5
value 0.07599
scoring_system epss
scoring_elements 0.91845
published_at 2026-04-08T12:55:00Z
6
value 0.07599
scoring_system epss
scoring_elements 0.91851
published_at 2026-04-09T12:55:00Z
7
value 0.07599
scoring_system epss
scoring_elements 0.91855
published_at 2026-04-11T12:55:00Z
8
value 0.07599
scoring_system epss
scoring_elements 0.91856
published_at 2026-04-12T12:55:00Z
9
value 0.07599
scoring_system epss
scoring_elements 0.91852
published_at 2026-04-13T12:55:00Z
10
value 0.07599
scoring_system epss
scoring_elements 0.91871
published_at 2026-04-16T12:55:00Z
11
value 0.07599
scoring_system epss
scoring_elements 0.91868
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4308
4
reference_url http://secunia.com/advisories/34057
reference_id
reference_type
scores
url http://secunia.com/advisories/34057
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://issues.apache.org/bugzilla/show_bug.cgi?id=40771
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/bugzilla/show_bug.cgi?id=40771
7
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://web.archive.org/web/20090228052951/http://secunia.com/advisories/34057
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090228052951/http://secunia.com/advisories/34057
14
reference_url https://web.archive.org/web/20111229174634/http://www.securityfocus.com/archive/1/501250
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111229174634/http://www.securityfocus.com/archive/1/501250
15
reference_url https://web.archive.org/web/20201207165808/http://www.securityfocus.com/bid/33913
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207165808/http://www.securityfocus.com/bid/33913
16
reference_url http://www.securityfocus.com/archive/1/501250
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/501250
17
reference_url http://www.securityfocus.com/bid/33913
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33913
18
reference_url http://www.vupen.com/english/advisories/2009/0541
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0541
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=488040
reference_id 488040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=488040
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308
reference_id CVE-2008-4308
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4308
reference_id CVE-2008-4308
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-4308
36
reference_url https://github.com/advisories/GHSA-7g59-hm8v-cwmc
reference_id GHSA-7g59-hm8v-cwmc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7g59-hm8v-cwmc
fixed_packages
0
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
aliases CVE-2008-4308, GHSA-7g59-hm8v-cwmc
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8w1a-ww52-x7em
1
url VCID-qdck-q54n-rkcv
vulnerability_id VCID-qdck-q54n-rkcv
summary The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
reference_id
reference_type
scores
0
value 0.03858
scoring_system epss
scoring_elements 0.88224
published_at 2026-04-21T12:55:00Z
1
value 0.03858
scoring_system epss
scoring_elements 0.88153
published_at 2026-04-01T12:55:00Z
2
value 0.03858
scoring_system epss
scoring_elements 0.88162
published_at 2026-04-02T12:55:00Z
3
value 0.03858
scoring_system epss
scoring_elements 0.88178
published_at 2026-04-04T12:55:00Z
4
value 0.03858
scoring_system epss
scoring_elements 0.88184
published_at 2026-04-07T12:55:00Z
5
value 0.03858
scoring_system epss
scoring_elements 0.88203
published_at 2026-04-08T12:55:00Z
6
value 0.03858
scoring_system epss
scoring_elements 0.88209
published_at 2026-04-09T12:55:00Z
7
value 0.03858
scoring_system epss
scoring_elements 0.8822
published_at 2026-04-11T12:55:00Z
8
value 0.03858
scoring_system epss
scoring_elements 0.88213
published_at 2026-04-12T12:55:00Z
9
value 0.03858
scoring_system epss
scoring_elements 0.88212
published_at 2026-04-13T12:55:00Z
10
value 0.03858
scoring_system epss
scoring_elements 0.88226
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
2
reference_url https://svn.apache.org/viewvc?view=rev&rev=684900
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=684900
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=429821
reference_id 429821
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=429821
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
reference_id CVE-2008-0128
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
5
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
1
url pkg:apache/tomcat@6.0.9
purl pkg:apache/tomcat@6.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.9
aliases CVE-2008-0128
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdck-q54n-rkcv
2
url VCID-qxkf-4ddv-j3b7
vulnerability_id VCID-qxkf-4ddv-j3b7
summary Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
2
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
3
reference_url http://jvn.jp/jp/JVN%2316535199/index.html
reference_id
reference_type
scores
url http://jvn.jp/jp/JVN%2316535199/index.html
4
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
5
reference_url http://osvdb.org/34881
reference_id
reference_type
scores
url http://osvdb.org/34881
6
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
reference_id
reference_type
scores
0
value 0.39862
scoring_system epss
scoring_elements 0.97324
published_at 2026-04-13T12:55:00Z
1
value 0.39862
scoring_system epss
scoring_elements 0.97323
published_at 2026-04-12T12:55:00Z
2
value 0.39862
scoring_system epss
scoring_elements 0.97322
published_at 2026-04-11T12:55:00Z
3
value 0.39862
scoring_system epss
scoring_elements 0.9732
published_at 2026-04-09T12:55:00Z
4
value 0.39862
scoring_system epss
scoring_elements 0.97313
published_at 2026-04-07T12:55:00Z
5
value 0.39862
scoring_system epss
scoring_elements 0.97312
published_at 2026-04-04T12:55:00Z
6
value 0.39862
scoring_system epss
scoring_elements 0.97307
published_at 2026-04-02T12:55:00Z
7
value 0.39862
scoring_system epss
scoring_elements 0.97301
published_at 2026-04-01T12:55:00Z
8
value 0.39862
scoring_system epss
scoring_elements 0.97335
published_at 2026-04-21T12:55:00Z
9
value 0.39862
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
9
reference_url http://secunia.com/advisories/25721
reference_id
reference_type
scores
url http://secunia.com/advisories/25721
10
reference_url http://secunia.com/advisories/26235
reference_id
reference_type
scores
url http://secunia.com/advisories/26235
11
reference_url http://secunia.com/advisories/26660
reference_id
reference_type
scores
url http://secunia.com/advisories/26660
12
reference_url http://secunia.com/advisories/27037
reference_id
reference_type
scores
url http://secunia.com/advisories/27037
13
reference_url http://secunia.com/advisories/27727
reference_id
reference_type
scores
url http://secunia.com/advisories/27727
14
reference_url http://secunia.com/advisories/30899
reference_id
reference_type
scores
url http://secunia.com/advisories/30899
15
reference_url http://secunia.com/advisories/30908
reference_id
reference_type
scores
url http://secunia.com/advisories/30908
16
reference_url http://secunia.com/advisories/31493
reference_id
reference_type
scores
url http://secunia.com/advisories/31493
17
reference_url http://secunia.com/advisories/33668
reference_id
reference_type
scores
url http://secunia.com/advisories/33668
18
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679
25
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
26
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
27
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
28
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
29
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html
reference_id
reference_type
scores
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html
30
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
31
reference_url http://www.securityfocus.com/archive/1/471719/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/471719/100/0/threaded
32
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
33
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
34
reference_url http://www.securityfocus.com/bid/24524
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/24524
35
reference_url http://www.securityfocus.com/bid/25159
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/25159
36
reference_url http://www.securitytracker.com/id?1018269
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1018269
37
reference_url http://www.vupen.com/english/advisories/2007/1729
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/1729
38
reference_url http://www.vupen.com/english/advisories/2007/2732
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/2732
39
reference_url http://www.vupen.com/english/advisories/2007/3087
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3087
40
reference_url http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3386
41
reference_url http://www.vupen.com/english/advisories/2008/1979/references
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1979/references
42
reference_url http://www.vupen.com/english/advisories/2009/0233
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0233
43
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244803
reference_id 244803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244803
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
53
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
54
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
55
reference_url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
reference_id GHSA-xmc9-6p56-3c4v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
56
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
57
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
58
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:apache/tomcat@5.5.21
purl pkg:apache/tomcat@5.5.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-87p8-zvvf-y7dm
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.21
1
url pkg:apache/tomcat@6.0.6
purl pkg:apache/tomcat@6.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.6
aliases CVE-2007-1358, GHSA-xmc9-6p56-3c4v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxkf-4ddv-j3b7
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.20