Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@3.3.1
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version3.3.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.117
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-6yk2-f8d5-cyc3
vulnerability_id VCID-6yk2-f8d5-cyc3
summary Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0043
reference_id
reference_type
scores
0
value 0.02261
scoring_system epss
scoring_elements 0.84644
published_at 2026-04-21T12:55:00Z
1
value 0.02261
scoring_system epss
scoring_elements 0.84543
published_at 2026-04-01T12:55:00Z
2
value 0.02261
scoring_system epss
scoring_elements 0.84558
published_at 2026-04-02T12:55:00Z
3
value 0.02261
scoring_system epss
scoring_elements 0.8458
published_at 2026-04-04T12:55:00Z
4
value 0.02261
scoring_system epss
scoring_elements 0.84584
published_at 2026-04-07T12:55:00Z
5
value 0.02261
scoring_system epss
scoring_elements 0.84605
published_at 2026-04-08T12:55:00Z
6
value 0.02261
scoring_system epss
scoring_elements 0.84611
published_at 2026-04-09T12:55:00Z
7
value 0.02261
scoring_system epss
scoring_elements 0.8463
published_at 2026-04-11T12:55:00Z
8
value 0.02261
scoring_system epss
scoring_elements 0.84625
published_at 2026-04-12T12:55:00Z
9
value 0.02261
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-13T12:55:00Z
10
value 0.02261
scoring_system epss
scoring_elements 0.84641
published_at 2026-04-16T12:55:00Z
11
value 0.02261
scoring_system epss
scoring_elements 0.84642
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0043
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/11195
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/11195
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://web.archive.org/web/20030804165204/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030804165204/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
4
reference_url https://web.archive.org/web/20030810045410/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030810045410/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
5
reference_url https://web.archive.org/web/20030819144200/http://www.ciac.org/ciac/bulletins/n-060.shtml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030819144200/http://www.ciac.org/ciac/bulletins/n-060.shtml
6
reference_url https://web.archive.org/web/20131213024606/http://www.securityfocus.com/bid/6722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131213024606/http://www.securityfocus.com/bid/6722
7
reference_url https://web.archive.org/web/20140627151430/http://www.securityfocus.com/advisories/5111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140627151430/http://www.securityfocus.com/advisories/5111
8
reference_url http://www.debian.org/security/2003/dsa-246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-246
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043
reference_id CVE-2003-0043
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0043
reference_id CVE-2003-0043
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0043
11
reference_url https://github.com/advisories/GHSA-cvx5-7vc7-rg77
reference_id GHSA-cvx5-7vc7-rg77
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvx5-7vc7-rg77
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@3.3.1a
purl pkg:maven/org.apache.tomcat/tomcat@3.3.1a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.3.1a
aliases CVE-2003-0043, GHSA-cvx5-7vc7-rg77
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yk2-f8d5-cyc3
1
url VCID-shq7-jxup-5fgk
vulnerability_id VCID-shq7-jxup-5fgk
summary Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
references
0
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
1
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
reference_id
reference_type
scores
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
2
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
3
reference_url http://marc.info/?l=bugtraq&m=104394568616290&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=104394568616290&w=2
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0042
reference_id
reference_type
scores
0
value 0.55831
scoring_system epss
scoring_elements 0.981
published_at 2026-04-16T12:55:00Z
1
value 0.55831
scoring_system epss
scoring_elements 0.98095
published_at 2026-04-13T12:55:00Z
2
value 0.55831
scoring_system epss
scoring_elements 0.98094
published_at 2026-04-12T12:55:00Z
3
value 0.55831
scoring_system epss
scoring_elements 0.98089
published_at 2026-04-09T12:55:00Z
4
value 0.55831
scoring_system epss
scoring_elements 0.98084
published_at 2026-04-07T12:55:00Z
5
value 0.55831
scoring_system epss
scoring_elements 0.98083
published_at 2026-04-04T12:55:00Z
6
value 0.55831
scoring_system epss
scoring_elements 0.98076
published_at 2026-04-01T12:55:00Z
7
value 0.55831
scoring_system epss
scoring_elements 0.9808
published_at 2026-04-02T12:55:00Z
8
value 0.55831
scoring_system epss
scoring_elements 0.98099
published_at 2026-04-21T12:55:00Z
9
value 0.55831
scoring_system epss
scoring_elements 0.98103
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0042
5
reference_url http://secunia.com/advisories/7972
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/7972
6
reference_url http://secunia.com/advisories/7977
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/7977
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/11194
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/11194
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url http://www.ciac.org/ciac/bulletins/n-060.shtml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ciac.org/ciac/bulletins/n-060.shtml
10
reference_url http://www.debian.org/security/2003/dsa-246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-246
11
reference_url http://www.securityfocus.com/advisories/5111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/advisories/5111
12
reference_url http://www.securityfocus.com/bid/6721
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/6721
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042
reference_id CVE-2003-0042
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0042
reference_id CVE-2003-0042
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0042
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22205.txt
reference_id CVE-2003-0042;OSVDB-12232
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22205.txt
16
reference_url https://www.securityfocus.com/bid/6721/info
reference_id CVE-2003-0042;OSVDB-12232
reference_type exploit
scores
url https://www.securityfocus.com/bid/6721/info
17
reference_url https://github.com/advisories/GHSA-qfw2-wvrw-mvw4
reference_id GHSA-qfw2-wvrw-mvw4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qfw2-wvrw-mvw4
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@3.3.1a
purl pkg:maven/org.apache.tomcat/tomcat@3.3.1a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.3.1a
aliases CVE-2003-0042, GHSA-qfw2-wvrw-mvw4
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shq7-jxup-5fgk
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.3.1