Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/tomcat@4.1.13

Type apache

Namespace

Name tomcat

Version 4.1.13

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.1.29

Latest_non_vulnerable_version 11.0.21

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-j2sv-62js-xbav

vulnerability_id VCID-j2sv-62js-xbav

summary Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

references

reference_url

http://issues.apache.org/bugzilla/show_bug.cgi?id=13365

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://issues.apache.org/bugzilla/show_bug.cgi?id=13365

reference_url

http://marc.info/?l=bugtraq&m=103470282514938&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=103470282514938&w=2

reference_url

http://marc.info/?l=tomcat-dev&m=103417249325526&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=tomcat-dev&m=103417249325526&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1394.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1394.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1394

reference_id

reference_type

scores

value	0.05353
scoring_system	epss
scoring_elements	0.90092
published_at	2026-04-16T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90076
published_at	2026-04-13T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90082
published_at	2026-04-12T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90083
published_at	2026-04-11T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90074
published_at	2026-04-09T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90069
published_at	2026-04-08T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90038
published_at	2026-04-02T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90091
published_at	2026-04-21T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90093
published_at	2026-04-18T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90049
published_at	2026-04-04T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90054
published_at	2026-04-07T12:55:00Z

value	0.05353
scoring_system	epss
scoring_elements	0.90035
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1394

reference_url

https://archive.apache.org/dist/tomcat/tomcat-4/archive/v4.0.6/README.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://archive.apache.org/dist/tomcat/tomcat-4/archive/v4.0.6/README.html

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/10376

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/10376

reference_url

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>

reference_url

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>

reference_url

https://web.archive.org/web/20030412075128/http://rhn.redhat.com/errata/RHSA-2003-075.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20030412075128/http://rhn.redhat.com/errata/RHSA-2003-075.html

reference_url

https://web.archive.org/web/20030705143220/http://www.securityfocus.com/bid/6562

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20030705143220/http://www.securityfocus.com/bid/6562

reference_url

https://web.archive.org/web/20041024213235/http://rhn.redhat.com/errata/RHSA-2003-082.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20041024213235/http://rhn.redhat.com/errata/RHSA-2003-082.html

reference_url

https://web.archive.org/web/20070430073829/http://www.debian.org/security/2003/dsa-225

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20070430073829/http://www.debian.org/security/2003/dsa-225

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616907
reference_id	1616907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616907

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394

reference_id

CVE-2002-1394

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2002-1394

reference_id

CVE-2002-1394

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2002-1394

reference_url

https://github.com/advisories/GHSA-8v5p-2cpv-c2x6

reference_id

GHSA-8v5p-2cpv-c2x6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8v5p-2cpv-c2x6

reference_url	https://access.redhat.com/errata/RHSA-2003:075
reference_id	RHSA-2003:075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:075

reference_url	https://access.redhat.com/errata/RHSA-2003:082
reference_id	RHSA-2003:082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:082

fixed_packages

url	pkg:apache/tomcat@4.1.13
purl	pkg:apache/tomcat@4.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.13

aliases CVE-2002-1394, GHSA-8v5p-2cpv-c2x6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2sv-62js-xbav

url VCID-ssnx-gz8e-87ab

vulnerability_id VCID-ssnx-gz8e-87ab

summary Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.

references

reference_url	http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html
reference_id
reference_type
scores
url	http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html

reference_url	http://marc.info/?l=bugtraq&m=102631703811297&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=102631703811297&w=2

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-0682

reference_id

reference_type

scores

value	0.83058
scoring_system	epss
scoring_elements	0.9926
published_at	2026-04-21T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99258
published_at	2026-04-13T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99259
published_at	2026-04-16T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99249
published_at	2026-04-01T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99251
published_at	2026-04-02T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99253
published_at	2026-04-04T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99256
published_at	2026-04-07T12:55:00Z

value	0.83058
scoring_system	epss
scoring_elements	0.99257
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-0682

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/9520
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/9520

reference_url	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

reference_url	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

reference_url	http://www.osvdb.org/4973
reference_id
reference_type
scores
url	http://www.osvdb.org/4973

reference_url	http://www.securityfocus.com/bid/5193
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/5193

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:::::::*
reference_id	cpe:2.3:a:apache:tomcat:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:::::::*

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682

reference_id

CVE-2002-0682

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2002-0682

reference_id

CVE-2002-0682

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2002-0682

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21604.txt
reference_id	CVE-2002-0682;OSVDB-4973
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21604.txt

reference_url	https://www.securityfocus.com/bid/5193/info
reference_id	CVE-2002-0682;OSVDB-4973
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/5193/info

fixed_packages

url	pkg:apache/tomcat@4.1.13
purl	pkg:apache/tomcat@4.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.13

aliases CVE-2002-0682

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssnx-gz8e-87ab

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.13

Package Instance