Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@3.3.1
Typeapache
Namespace
Nametomcat
Version3.3.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.1.3
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-6yk2-f8d5-cyc3
vulnerability_id VCID-6yk2-f8d5-cyc3
summary Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0043
reference_id
reference_type
scores
0
value 0.02261
scoring_system epss
scoring_elements 0.84644
published_at 2026-04-21T12:55:00Z
1
value 0.02261
scoring_system epss
scoring_elements 0.84543
published_at 2026-04-01T12:55:00Z
2
value 0.02261
scoring_system epss
scoring_elements 0.84558
published_at 2026-04-02T12:55:00Z
3
value 0.02261
scoring_system epss
scoring_elements 0.8458
published_at 2026-04-04T12:55:00Z
4
value 0.02261
scoring_system epss
scoring_elements 0.84584
published_at 2026-04-07T12:55:00Z
5
value 0.02261
scoring_system epss
scoring_elements 0.84605
published_at 2026-04-08T12:55:00Z
6
value 0.02261
scoring_system epss
scoring_elements 0.84611
published_at 2026-04-09T12:55:00Z
7
value 0.02261
scoring_system epss
scoring_elements 0.8463
published_at 2026-04-11T12:55:00Z
8
value 0.02261
scoring_system epss
scoring_elements 0.84625
published_at 2026-04-12T12:55:00Z
9
value 0.02261
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-13T12:55:00Z
10
value 0.02261
scoring_system epss
scoring_elements 0.84641
published_at 2026-04-16T12:55:00Z
11
value 0.02261
scoring_system epss
scoring_elements 0.84642
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0043
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/11195
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/11195
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://web.archive.org/web/20030804165204/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030804165204/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
4
reference_url https://web.archive.org/web/20030810045410/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030810045410/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
5
reference_url https://web.archive.org/web/20030819144200/http://www.ciac.org/ciac/bulletins/n-060.shtml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030819144200/http://www.ciac.org/ciac/bulletins/n-060.shtml
6
reference_url https://web.archive.org/web/20131213024606/http://www.securityfocus.com/bid/6722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131213024606/http://www.securityfocus.com/bid/6722
7
reference_url https://web.archive.org/web/20140627151430/http://www.securityfocus.com/advisories/5111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140627151430/http://www.securityfocus.com/advisories/5111
8
reference_url http://www.debian.org/security/2003/dsa-246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-246
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043
reference_id CVE-2003-0043
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0043
reference_id CVE-2003-0043
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0043
11
reference_url https://github.com/advisories/GHSA-cvx5-7vc7-rg77
reference_id GHSA-cvx5-7vc7-rg77
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvx5-7vc7-rg77
fixed_packages
aliases CVE-2003-0043, GHSA-cvx5-7vc7-rg77
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yk2-f8d5-cyc3
1
url VCID-shq7-jxup-5fgk
vulnerability_id VCID-shq7-jxup-5fgk
summary Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
references
0
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
1
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
reference_id
reference_type
scores
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
2
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
3
reference_url http://marc.info/?l=bugtraq&m=104394568616290&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=104394568616290&w=2
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0042
reference_id
reference_type
scores
0
value 0.55831
scoring_system epss
scoring_elements 0.981
published_at 2026-04-16T12:55:00Z
1
value 0.55831
scoring_system epss
scoring_elements 0.98095
published_at 2026-04-13T12:55:00Z
2
value 0.55831
scoring_system epss
scoring_elements 0.98094
published_at 2026-04-12T12:55:00Z
3
value 0.55831
scoring_system epss
scoring_elements 0.98089
published_at 2026-04-09T12:55:00Z
4
value 0.55831
scoring_system epss
scoring_elements 0.98084
published_at 2026-04-07T12:55:00Z
5
value 0.55831
scoring_system epss
scoring_elements 0.98083
published_at 2026-04-04T12:55:00Z
6
value 0.55831
scoring_system epss
scoring_elements 0.98076
published_at 2026-04-01T12:55:00Z
7
value 0.55831
scoring_system epss
scoring_elements 0.9808
published_at 2026-04-02T12:55:00Z
8
value 0.55831
scoring_system epss
scoring_elements 0.98099
published_at 2026-04-21T12:55:00Z
9
value 0.55831
scoring_system epss
scoring_elements 0.98103
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0042
5
reference_url http://secunia.com/advisories/7972
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/7972
6
reference_url http://secunia.com/advisories/7977
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/7977
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/11194
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/11194
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url http://www.ciac.org/ciac/bulletins/n-060.shtml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ciac.org/ciac/bulletins/n-060.shtml
10
reference_url http://www.debian.org/security/2003/dsa-246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-246
11
reference_url http://www.securityfocus.com/advisories/5111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/advisories/5111
12
reference_url http://www.securityfocus.com/bid/6721
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/6721
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042
reference_id CVE-2003-0042
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0042
reference_id CVE-2003-0042
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0042
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22205.txt
reference_id CVE-2003-0042;OSVDB-12232
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22205.txt
16
reference_url https://www.securityfocus.com/bid/6721/info
reference_id CVE-2003-0042;OSVDB-12232
reference_type exploit
scores
url https://www.securityfocus.com/bid/6721/info
17
reference_url https://github.com/advisories/GHSA-qfw2-wvrw-mvw4
reference_id GHSA-qfw2-wvrw-mvw4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qfw2-wvrw-mvw4
fixed_packages
aliases CVE-2003-0042, GHSA-qfw2-wvrw-mvw4
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shq7-jxup-5fgk
Fixing_vulnerabilities
0
url VCID-9rpn-zb26-yfdk
vulnerability_id VCID-9rpn-zb26-yfdk
summary Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
references
0
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0045
reference_id
reference_type
scores
0
value 0.01508
scoring_system epss
scoring_elements 0.81219
published_at 2026-04-21T12:55:00Z
1
value 0.01508
scoring_system epss
scoring_elements 0.8119
published_at 2026-04-12T12:55:00Z
2
value 0.01508
scoring_system epss
scoring_elements 0.81183
published_at 2026-04-13T12:55:00Z
3
value 0.01508
scoring_system epss
scoring_elements 0.8122
published_at 2026-04-16T12:55:00Z
4
value 0.01508
scoring_system epss
scoring_elements 0.81221
published_at 2026-04-18T12:55:00Z
5
value 0.01508
scoring_system epss
scoring_elements 0.81119
published_at 2026-04-01T12:55:00Z
6
value 0.01508
scoring_system epss
scoring_elements 0.81127
published_at 2026-04-02T12:55:00Z
7
value 0.01508
scoring_system epss
scoring_elements 0.81151
published_at 2026-04-07T12:55:00Z
8
value 0.01508
scoring_system epss
scoring_elements 0.81178
published_at 2026-04-08T12:55:00Z
9
value 0.01508
scoring_system epss
scoring_elements 0.81184
published_at 2026-04-09T12:55:00Z
10
value 0.01508
scoring_system epss
scoring_elements 0.81203
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0045
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/12102
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/12102
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045
reference_id CVE-2003-0045
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0045
reference_id CVE-2003-0045
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0045
5
reference_url https://github.com/advisories/GHSA-w97x-xfxf-f9xj
reference_id GHSA-w97x-xfxf-f9xj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w97x-xfxf-f9xj
fixed_packages
0
url pkg:apache/tomcat@3.3.1
purl pkg:apache/tomcat@3.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6yk2-f8d5-cyc3
1
vulnerability VCID-shq7-jxup-5fgk
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.3.1
aliases CVE-2003-0045, GHSA-w97x-xfxf-f9xj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9rpn-zb26-yfdk
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.3.1