Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rhpki-kra@7.3.0-14?arch=el4
Typerpm
Namespaceredhat
Namerhpki-kra
Version7.3.0-14
Qualifiers
arch el4
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-24v5-jpna-rqg9
vulnerability_id VCID-24v5-jpna-rqg9
summary 
Apache Tomcat Reveals Directories
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (`;`) preceding a filename with a mapped extension, as demonstrated by URLs ending with `/;index.jsp` and `/;help.do`.
references
0
reference_url http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
1
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3835
reference_id
reference_type
scores
0
value 0.51511
scoring_system epss
scoring_elements 0.97946
published_at 2026-06-08T12:55:00Z
1
value 0.51511
scoring_system epss
scoring_elements 0.97945
published_at 2026-06-05T12:55:00Z
2
value 0.51511
scoring_system epss
scoring_elements 0.97942
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3835
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/27902
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/27902
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/34183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/34183
7
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
8
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
14
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
15
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
16
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
17
reference_url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
18
reference_url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
19
reference_url https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576
20
reference_url https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded
21
reference_url https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded
22
reference_url https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106
23
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
24
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
25
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
26
reference_url http://www.sec-consult.com/289.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.sec-consult.com/289.html
27
reference_url http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237084
reference_id 237084
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237084
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835
reference_id CVE-2006-3835
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-3835
reference_id CVE-2006-3835
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2006-3835
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt
reference_id CVE-2006-3835;OSVDB-32723
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt
32
reference_url https://www.securityfocus.com/bid/19106/info
reference_id CVE-2006-3835;OSVDB-32723
reference_type exploit
scores
url https://www.securityfocus.com/bid/19106/info
33
reference_url https://github.com/advisories/GHSA-wfj7-mhr5-pcwq
reference_id GHSA-wfj7-mhr5-pcwq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wfj7-mhr5-pcwq
34
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
aliases CVE-2006-3835, GHSA-wfj7-mhr5-pcwq
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24v5-jpna-rqg9
1
url VCID-2jws-wtvg-2khf
vulnerability_id VCID-2jws-wtvg-2khf
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
references
0
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
1
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
reference_id
reference_type
scores
0
value 0.44249
scoring_system epss
scoring_elements 0.9762
published_at 2026-06-04T12:55:00Z
1
value 0.44249
scoring_system epss
scoring_elements 0.97623
published_at 2026-06-05T12:55:00Z
2
value 0.44249
scoring_system epss
scoring_elements 0.97626
published_at 2026-06-08T12:55:00Z
3
value 0.44249
scoring_system epss
scoring_elements 0.97625
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
8
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
9
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
10
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244803
reference_id 244803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244803
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
14
reference_url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
reference_id GHSA-xmc9-6p56-3c4v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
15
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
16
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
17
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
aliases CVE-2007-1358, GHSA-xmc9-6p56-3c4v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jws-wtvg-2khf
2
url VCID-2uww-7rjv-qkfn
vulnerability_id VCID-2uww-7rjv-qkfn
summary The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4901.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4901.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-4901
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26236
published_at 2026-06-04T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.2634
published_at 2026-06-05T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26332
published_at 2026-06-06T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26289
published_at 2026-06-07T12:55:00Z
4
value 0.00094
scoring_system epss
scoring_elements 0.26232
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-4901
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=596426
reference_id 596426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=596426
3
reference_url https://access.redhat.com/errata/RHSA-2010:0533
reference_id RHSA-2010:0533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0533
4
reference_url https://usn.ubuntu.com/969-1/
reference_id USN-969-1
reference_type
scores
url https://usn.ubuntu.com/969-1/
fixed_packages
aliases CVE-2009-4901
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uww-7rjv-qkfn
3
url VCID-2zx1-eaw8-kfgd
vulnerability_id VCID-2zx1-eaw8-kfgd
summary A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1955
reference_id
reference_type
scores
0
value 0.02329
scoring_system epss
scoring_elements 0.85119
published_at 2026-06-04T12:55:00Z
1
value 0.02329
scoring_system epss
scoring_elements 0.85144
published_at 2026-06-05T12:55:00Z
2
value 0.02329
scoring_system epss
scoring_elements 0.85149
published_at 2026-06-06T12:55:00Z
3
value 0.02329
scoring_system epss
scoring_elements 0.85143
published_at 2026-06-07T12:55:00Z
4
value 0.02329
scoring_system epss
scoring_elements 0.85133
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1955
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=504555
reference_id 504555
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=504555
4
reference_url https://httpd.apache.org/security/json/CVE-2009-1955.json
reference_id CVE-2009-1955
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-1955.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl
reference_id OSVDB-55057;CVE-2009-1955
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl
7
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
8
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
9
reference_url https://access.redhat.com/errata/RHSA-2009:1160
reference_id RHSA-2009:1160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1160
10
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
11
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
aliases CVE-2009-1955
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zx1-eaw8-kfgd
4
url VCID-34wk-axr2-e3bc
vulnerability_id VCID-34wk-axr2-e3bc
summary A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marked as a security issue for 2.0 or 2.2 as the cross-site scripting is only returned to the victim after the server times out a connection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3918
reference_id
reference_type
scores
0
value 0.91373
scoring_system epss
scoring_elements 0.99676
published_at 2026-06-08T12:55:00Z
1
value 0.91373
scoring_system epss
scoring_elements 0.99677
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3918
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=200732
reference_id 200732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=200732
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376
reference_id 381376
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376
5
reference_url https://httpd.apache.org/security/json/CVE-2006-3918.json
reference_id CVE-2006-3918
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2006-3918.json
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt
reference_id CVE-2006-3918;OSVDB-27488
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt
7
reference_url https://www.securityfocus.com/bid/19661/info
reference_id CVE-2006-3918;OSVDB-27488
reference_type exploit
scores
url https://www.securityfocus.com/bid/19661/info
8
reference_url https://access.redhat.com/errata/RHSA-2006:0618
reference_id RHSA-2006:0618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0618
9
reference_url https://access.redhat.com/errata/RHSA-2006:0619
reference_id RHSA-2006:0619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0619
10
reference_url https://access.redhat.com/errata/RHSA-2006:0692
reference_id RHSA-2006:0692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0692
11
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
12
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2006-3918
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-34wk-axr2-e3bc
5
url VCID-5275-kg9r-n7a2
vulnerability_id VCID-5275-kg9r-n7a2
summary A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0023
reference_id
reference_type
scores
0
value 0.14793
scoring_system epss
scoring_elements 0.94627
published_at 2026-06-04T12:55:00Z
1
value 0.14793
scoring_system epss
scoring_elements 0.94636
published_at 2026-06-06T12:55:00Z
2
value 0.14793
scoring_system epss
scoring_elements 0.94637
published_at 2026-06-07T12:55:00Z
3
value 0.14793
scoring_system epss
scoring_elements 0.94638
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0023
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=503928
reference_id 503928
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=503928
4
reference_url https://httpd.apache.org/security/json/CVE-2009-0023.json
reference_id CVE-2009-0023
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-0023.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
7
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
8
reference_url https://access.redhat.com/errata/RHSA-2009:1160
reference_id RHSA-2009:1160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1160
9
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
10
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
aliases CVE-2009-0023
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5275-kg9r-n7a2
6
url VCID-63gb-krwm-xqgg
vulnerability_id VCID-63gb-krwm-xqgg
summary A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5000
reference_id
reference_type
scores
0
value 0.78073
scoring_system epss
scoring_elements 0.99035
published_at 2026-06-04T12:55:00Z
1
value 0.78073
scoring_system epss
scoring_elements 0.99036
published_at 2026-06-08T12:55:00Z
2
value 0.78073
scoring_system epss
scoring_elements 0.99037
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5000
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=419931
reference_id 419931
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=419931
4
reference_url https://httpd.apache.org/security/json/CVE-2007-5000.json
reference_id CVE-2007-5000
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-5000.json
5
reference_url https://access.redhat.com/errata/RHSA-2008:0004
reference_id RHSA-2008:0004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0004
6
reference_url https://access.redhat.com/errata/RHSA-2008:0005
reference_id RHSA-2008:0005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0005
7
reference_url https://access.redhat.com/errata/RHSA-2008:0006
reference_id RHSA-2008:0006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0006
8
reference_url https://access.redhat.com/errata/RHSA-2008:0007
reference_id RHSA-2008:0007
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0007
9
reference_url https://access.redhat.com/errata/RHSA-2008:0008
reference_id RHSA-2008:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0008
10
reference_url https://access.redhat.com/errata/RHSA-2008:0263
reference_id RHSA-2008:0263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0263
11
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
12
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2007-5000
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63gb-krwm-xqgg
7
url VCID-6gnc-2ggt-3fca
vulnerability_id VCID-6gnc-2ggt-3fca
summary Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4465
reference_id
reference_type
scores
0
value 0.02883
scoring_system epss
scoring_elements 0.86588
published_at 2026-06-06T12:55:00Z
1
value 0.02883
scoring_system epss
scoring_elements 0.86583
published_at 2026-06-07T12:55:00Z
2
value 0.02883
scoring_system epss
scoring_elements 0.86565
published_at 2026-06-04T12:55:00Z
3
value 0.02883
scoring_system epss
scoring_elements 0.86573
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
3
reference_url http://www.vupen.com/english/advisories/2008/1697
reference_id 1697
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.vupen.com/english/advisories/2008/1697
4
reference_url http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id 2007_61_apache2.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.novell.com/linux/security/advisories/2007_61_apache2.html
5
reference_url http://www.securityfocus.com/bid/25653
reference_id 25653
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.securityfocus.com/bid/25653
6
reference_url http://secunia.com/advisories/26842
reference_id 26842
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/26842
7
reference_url http://secunia.com/advisories/26952
reference_id 26952
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/26952
8
reference_url http://secunia.com/advisories/27563
reference_id 27563
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/27563
9
reference_url http://secunia.com/advisories/27732
reference_id 27732
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/27732
10
reference_url http://secunia.com/advisories/28467
reference_id 28467
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/28467
11
reference_url http://secunia.com/advisories/28471
reference_id 28471
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/28471
12
reference_url http://secunia.com/advisories/28607
reference_id 28607
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/28607
13
reference_url http://secunia.com/advisories/28749
reference_id 28749
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/28749
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=289511
reference_id 289511
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=289511
15
reference_url http://secunia.com/advisories/30430
reference_id 30430
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/30430
16
reference_url http://securityreason.com/securityalert/3113
reference_id 3113
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://securityreason.com/securityalert/3113
17
reference_url http://secunia.com/advisories/31651
reference_id 31651
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/31651
18
reference_url http://secunia.com/advisories/33105
reference_id 33105
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/33105
19
reference_url http://secunia.com/advisories/35650
reference_id 35650
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://secunia.com/advisories/35650
20
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/36586
reference_id 36586
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/36586
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783
reference_id 453783
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783
22
reference_url http://securityreason.com/achievement_securityalert/46
reference_id 46
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://securityreason.com/achievement_securityalert/46
23
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2008:014
reference_id advisories?name=MDVSA-2008:014
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2008:014
24
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm
reference_id ASA-2008-032.htm
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm
25
reference_url http://www.apache.org/dist/httpd/CHANGES_2.2.6
reference_id CHANGES_2.2.6
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.apache.org/dist/httpd/CHANGES_2.2.6
26
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432
reference_id Document.jsp?objectID=c01539432
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432
27
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
28
reference_url http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id glsa-200711-06.xml
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://security.gentoo.org/glsa/glsa-200711-06.xml
29
reference_url http://securitytracker.com/id?1019194
reference_id id?1019194
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://securitytracker.com/id?1019194
30
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html
reference_id interstage-200807e.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html
31
reference_url http://marc.info/?l=bugtraq&m=124654546101607&w=2
reference_id ?l=bugtraq&m=124654546101607&w=2
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://marc.info/?l=bugtraq&m=124654546101607&w=2
32
reference_url http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id ?l=bugtraq&m=125631037611762&w=2
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://marc.info/?l=bugtraq&m=125631037611762&w=2
33
reference_url http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
34
reference_url http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id msg00320.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
35
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html
reference_id msg00353.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html
36
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929
reference_id oval%3Aorg.mitre.oval%3Adef%3A10929
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929
37
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089
reference_id oval%3Aorg.mitre.oval%3Adef%3A6089
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089
38
reference_url https://access.redhat.com/errata/RHSA-2007:0911
reference_id RHSA-2007:0911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0911
39
reference_url http://www.redhat.com/support/errata/RHSA-2007-0911.html
reference_id RHSA-2007-0911.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/support/errata/RHSA-2007-0911.html
40
reference_url https://access.redhat.com/errata/RHSA-2008:0004
reference_id RHSA-2008:0004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0004
41
reference_url http://www.redhat.com/support/errata/RHSA-2008-0004.html
reference_id RHSA-2008-0004.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/support/errata/RHSA-2008-0004.html
42
reference_url https://access.redhat.com/errata/RHSA-2008:0005
reference_id RHSA-2008:0005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0005
43
reference_url http://www.redhat.com/support/errata/RHSA-2008-0005.html
reference_id RHSA-2008-0005.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/support/errata/RHSA-2008-0005.html
44
reference_url https://access.redhat.com/errata/RHSA-2008:0006
reference_id RHSA-2008:0006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0006
45
reference_url http://www.redhat.com/support/errata/RHSA-2008-0006.html
reference_id RHSA-2008-0006.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/support/errata/RHSA-2008-0006.html
46
reference_url https://access.redhat.com/errata/RHSA-2008:0008
reference_id RHSA-2008:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0008
47
reference_url http://www.redhat.com/support/errata/RHSA-2008-0008.html
reference_id RHSA-2008-0008.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.redhat.com/support/errata/RHSA-2008-0008.html
48
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
49
reference_url http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id show_bug.cgi?id=186219
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://bugs.gentoo.org/show_bug.cgi?id=186219
50
reference_url http://www.us-cert.gov/cas/techalerts/TA08-150A.html
reference_id TA08-150A.html
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.us-cert.gov/cas/techalerts/TA08-150A.html
51
reference_url http://www.securityfocus.com/archive/1/479237/100/0/threaded
reference_id threaded
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.securityfocus.com/archive/1/479237/100/0/threaded
52
reference_url http://www.ubuntu.com/usn/usn-575-1
reference_id usn-575-1
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/
url http://www.ubuntu.com/usn/usn-575-1
53
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2007-4465
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gnc-2ggt-3fca
8
url VCID-7787-4bwm-efgq
vulnerability_id VCID-7787-4bwm-efgq
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
references
0
reference_url http://jvn.jp/en/jp/JVN63832775/index.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN63832775/index.html
1
reference_url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=127420533226623&w=2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=127420533226623&w=2
5
reference_url http://marc.info/?l=bugtraq&m=129070310906557&w=2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=129070310906557&w=2
6
reference_url http://marc.info/?l=bugtraq&m=136485229118404&w=2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=136485229118404&w=2
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5515.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5515.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-5515
reference_id
reference_type
scores
0
value 0.71831
scoring_system epss
scoring_elements 0.98756
published_at 2026-06-08T12:55:00Z
1
value 0.72859
scoring_system epss
scoring_elements 0.98795
published_at 2026-06-04T12:55:00Z
2
value 0.72859
scoring_system epss
scoring_elements 0.98796
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-5515
9
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
10
reference_url https://github.com/apache/tomcat/commit/6b61911f94d6d8d49ee933c5f1882a7e7c336d2c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6b61911f94d6d8d49ee933c5f1882a7e7c336d2c
11
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422
26
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452
27
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445
28
reference_url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10422
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10422
29
reference_url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19452
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19452
30
reference_url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:6445
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:6445
31
reference_url https://svn.apache.org/viewvc?view=rev&rev=734734
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=734734
32
reference_url https://svn.apache.org/viewvc?view=rev&rev=782757
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=782757
33
reference_url https://svn.apache.org/viewvc?view=rev&rev=782763
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=782763
34
reference_url https://svn.apache.org/viewvc?view=rev&rev=783291
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=783291
35
reference_url https://svn.apache.org/viewvc?view=rev&rev=783292
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=783292
36
reference_url http://support.apple.com/kb/HT4077
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT4077
37
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
38
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
39
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
40
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
41
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
42
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
43
reference_url http://www.debian.org/security/2011/dsa-2207
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2207
44
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
45
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
46
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
47
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
48
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
49
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=504753
reference_id 504753
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=504753
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515
reference_id CVE-2008-5515
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515
51
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-5515
reference_id CVE-2008-5515
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-5515
52
reference_url https://github.com/advisories/GHSA-9737-qmgc-hfr9
reference_id GHSA-9737-qmgc-hfr9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9737-qmgc-hfr9
53
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
54
reference_url https://access.redhat.com/errata/RHSA-2009:1143
reference_id RHSA-2009:1143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1143
55
reference_url https://access.redhat.com/errata/RHSA-2009:1144
reference_id RHSA-2009:1144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1144
56
reference_url https://access.redhat.com/errata/RHSA-2009:1145
reference_id RHSA-2009:1145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1145
57
reference_url https://access.redhat.com/errata/RHSA-2009:1146
reference_id RHSA-2009:1146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1146
58
reference_url https://access.redhat.com/errata/RHSA-2009:1454
reference_id RHSA-2009:1454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1454
59
reference_url https://access.redhat.com/errata/RHSA-2009:1506
reference_id RHSA-2009:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1506
60
reference_url https://access.redhat.com/errata/RHSA-2009:1563
reference_id RHSA-2009:1563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1563
61
reference_url https://access.redhat.com/errata/RHSA-2009:1616
reference_id RHSA-2009:1616
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1616
62
reference_url https://access.redhat.com/errata/RHSA-2009:1617
reference_id RHSA-2009:1617
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1617
63
reference_url https://usn.ubuntu.com/788-1/
reference_id USN-788-1
reference_type
scores
url https://usn.ubuntu.com/788-1/
fixed_packages
aliases CVE-2008-5515, GHSA-9737-qmgc-hfr9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7787-4bwm-efgq
9
url VCID-7nz2-dvhg-eud7
vulnerability_id VCID-7nz2-dvhg-eud7
summary A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3847
reference_id
reference_type
scores
0
value 0.23276
scoring_system epss
scoring_elements 0.96049
published_at 2026-06-04T12:55:00Z
1
value 0.23276
scoring_system epss
scoring_elements 0.96053
published_at 2026-06-05T12:55:00Z
2
value 0.23276
scoring_system epss
scoring_elements 0.96057
published_at 2026-06-06T12:55:00Z
3
value 0.23276
scoring_system epss
scoring_elements 0.96058
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3847
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=250731
reference_id 250731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=250731
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845
reference_id 441845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845
5
reference_url https://httpd.apache.org/security/json/CVE-2007-3847.json
reference_id CVE-2007-3847
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-3847.json
6
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
7
reference_url https://access.redhat.com/errata/RHSA-2007:0746
reference_id RHSA-2007:0746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0746
8
reference_url https://access.redhat.com/errata/RHSA-2007:0747
reference_id RHSA-2007:0747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0747
9
reference_url https://access.redhat.com/errata/RHSA-2007:0911
reference_id RHSA-2007:0911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0911
10
reference_url https://access.redhat.com/errata/RHSA-2008:0005
reference_id RHSA-2008:0005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0005
11
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2007-3847
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nz2-dvhg-eud7
10
url VCID-8tcp-wqqz-suaa
vulnerability_id VCID-8tcp-wqqz-suaa
summary PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1349.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1349
reference_id
reference_type
scores
0
value 0.13645
scoring_system epss
scoring_elements 0.94394
published_at 2026-06-08T12:55:00Z
1
value 0.18225
scoring_system epss
scoring_elements 0.95321
published_at 2026-06-04T12:55:00Z
2
value 0.18225
scoring_system epss
scoring_elements 0.95329
published_at 2026-06-05T12:55:00Z
3
value 0.18225
scoring_system epss
scoring_elements 0.95331
published_at 2026-06-06T12:55:00Z
4
value 0.18225
scoring_system epss
scoring_elements 0.95333
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=240423
reference_id 240423
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=240423
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433549
reference_id 433549
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433549
5
reference_url https://security.gentoo.org/glsa/200705-04
reference_id GLSA-200705-04
reference_type
scores
url https://security.gentoo.org/glsa/200705-04
6
reference_url https://access.redhat.com/errata/RHSA-2007:0395
reference_id RHSA-2007:0395
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0395
7
reference_url https://access.redhat.com/errata/RHSA-2007:0396
reference_id RHSA-2007:0396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0396
8
reference_url https://access.redhat.com/errata/RHSA-2007:0486
reference_id RHSA-2007:0486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0486
9
reference_url https://access.redhat.com/errata/RHSA-2008:0263
reference_id RHSA-2008:0263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0263
10
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
11
reference_url https://access.redhat.com/errata/RHSA-2008:0627
reference_id RHSA-2008:0627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0627
12
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
13
reference_url https://usn.ubuntu.com/488-1/
reference_id USN-488-1
reference_type
scores
url https://usn.ubuntu.com/488-1/
fixed_packages
aliases CVE-2007-1349
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tcp-wqqz-suaa
11
url VCID-8u1f-zan6-13cx
vulnerability_id VCID-8u1f-zan6-13cx
summary A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1863
reference_id
reference_type
scores
0
value 0.27987
scoring_system epss
scoring_elements 0.96561
published_at 2026-06-04T12:55:00Z
1
value 0.27987
scoring_system epss
scoring_elements 0.96564
published_at 2026-06-05T12:55:00Z
2
value 0.27987
scoring_system epss
scoring_elements 0.96568
published_at 2026-06-06T12:55:00Z
3
value 0.27987
scoring_system epss
scoring_elements 0.9657
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1863
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244658
reference_id 244658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244658
4
reference_url https://httpd.apache.org/security/json/CVE-2007-1863.json
reference_id CVE-2007-1863
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-1863.json
5
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
6
reference_url https://access.redhat.com/errata/RHSA-2007:0533
reference_id RHSA-2007:0533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0533
7
reference_url https://access.redhat.com/errata/RHSA-2007:0534
reference_id RHSA-2007:0534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0534
8
reference_url https://access.redhat.com/errata/RHSA-2007:0556
reference_id RHSA-2007:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0556
9
reference_url https://access.redhat.com/errata/RHSA-2007:0557
reference_id RHSA-2007:0557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0557
10
reference_url https://usn.ubuntu.com/499-1/
reference_id USN-499-1
reference_type
scores
url https://usn.ubuntu.com/499-1/
fixed_packages
aliases CVE-2007-1863
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u1f-zan6-13cx
12
url VCID-96zk-7c51-vke8
vulnerability_id VCID-96zk-7c51-vke8
summary A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3094
reference_id
reference_type
scores
0
value 0.02833
scoring_system epss
scoring_elements 0.86455
published_at 2026-06-04T12:55:00Z
1
value 0.02833
scoring_system epss
scoring_elements 0.86478
published_at 2026-06-05T12:55:00Z
2
value 0.02833
scoring_system epss
scoring_elements 0.86479
published_at 2026-06-06T12:55:00Z
3
value 0.02833
scoring_system epss
scoring_elements 0.86474
published_at 2026-06-07T12:55:00Z
4
value 0.02833
scoring_system epss
scoring_elements 0.86461
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3094
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=521619
reference_id 521619
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=521619
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id 545951
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
5
reference_url https://httpd.apache.org/security/json/CVE-2009-3094.json
reference_id CVE-2009-3094
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3094.json
6
reference_url https://usn.ubuntu.com/860-1/
reference_id USN-860-1
reference_type
scores
url https://usn.ubuntu.com/860-1/
fixed_packages
aliases CVE-2009-3094
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96zk-7c51-vke8
13
url VCID-9gy4-bvsv-4yag
vulnerability_id VCID-9gy4-bvsv-4yag
summary Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1927.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1927.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1927
reference_id
reference_type
scores
0
value 0.0236
scoring_system epss
scoring_elements 0.85216
published_at 2026-06-04T12:55:00Z
1
value 0.0236
scoring_system epss
scoring_elements 0.8524
published_at 2026-06-07T12:55:00Z
2
value 0.0236
scoring_system epss
scoring_elements 0.85246
published_at 2026-06-06T12:55:00Z
3
value 0.0236
scoring_system epss
scoring_elements 0.85228
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=443928
reference_id 443928
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=443928
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
reference_id 454792
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
5
reference_url https://security.gentoo.org/glsa/200805-17
reference_id GLSA-200805-17
reference_type
scores
url https://security.gentoo.org/glsa/200805-17
6
reference_url https://access.redhat.com/errata/RHSA-2008:0522
reference_id RHSA-2008:0522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0522
7
reference_url https://access.redhat.com/errata/RHSA-2008:0532
reference_id RHSA-2008:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0532
8
reference_url https://usn.ubuntu.com/700-1/
reference_id USN-700-1
reference_type
scores
url https://usn.ubuntu.com/700-1/
fixed_packages
aliases CVE-2008-1927
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gy4-bvsv-4yag
14
url VCID-bhfc-b64s-yue4
vulnerability_id VCID-bhfc-b64s-yue4
summary A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3095
reference_id
reference_type
scores
0
value 0.03845
scoring_system epss
scoring_elements 0.884
published_at 2026-06-04T12:55:00Z
1
value 0.03845
scoring_system epss
scoring_elements 0.88418
published_at 2026-06-05T12:55:00Z
2
value 0.03845
scoring_system epss
scoring_elements 0.8842
published_at 2026-06-06T12:55:00Z
3
value 0.03845
scoring_system epss
scoring_elements 0.88419
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3095
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=522209
reference_id 522209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=522209
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id 545951
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
5
reference_url https://httpd.apache.org/security/json/CVE-2009-3095.json
reference_id CVE-2009-3095
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3095.json
6
reference_url https://usn.ubuntu.com/860-1/
reference_id USN-860-1
reference_type
scores
url https://usn.ubuntu.com/860-1/
fixed_packages
aliases CVE-2009-3095
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bhfc-b64s-yue4
15
url VCID-crhe-rt8j-wycu
vulnerability_id VCID-crhe-rt8j-wycu
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0580.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0580.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0580
reference_id
reference_type
scores
0
value 0.88173
scoring_system epss
scoring_elements 0.99505
published_at 2026-06-04T12:55:00Z
1
value 0.88173
scoring_system epss
scoring_elements 0.99507
published_at 2026-06-05T12:55:00Z
2
value 0.88173
scoring_system epss
scoring_elements 0.99506
published_at 2026-06-06T12:55:00Z
3
value 0.89573
scoring_system epss
scoring_elements 0.99574
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0580
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/50930
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/50930
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
19
reference_url https://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
20
reference_url https://marc.info/?l=bugtraq&m=127420533226623&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=127420533226623&w=2
21
reference_url https://marc.info/?l=bugtraq&m=129070310906557&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=129070310906557&w=2
22
reference_url https://marc.info/?l=bugtraq&m=133469267822771&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=133469267822771&w=2
23
reference_url https://marc.info/?l=bugtraq&m=136485229118404&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://marc.info/?l=bugtraq&m=136485229118404&w=2
24
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915
25
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628
26
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101
27
reference_url https://svn.apache.org/viewvc?rev=747840&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?rev=747840&view=rev
28
reference_url https://svn.apache.org/viewvc?rev=781379&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?rev=781379&view=rev
29
reference_url https://svn.apache.org/viewvc?rev=781382&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?rev=781382&view=rev
30
reference_url https://svn.apache.org/viewvc?view=rev&rev=747840
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=747840
31
reference_url https://svn.apache.org/viewvc?view=rev&rev=781379
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=781379
32
reference_url https://svn.apache.org/viewvc?view=rev&rev=781382
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=781382
33
reference_url https://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-4.html
34
reference_url https://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-5.html
35
reference_url https://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-6.html
36
reference_url https://www.debian.org/security/2011/dsa-2207
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2011/dsa-2207
37
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
38
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
39
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
40
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=503978
reference_id 503978
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=503978
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
reference_id CVE-2009-0580
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0580
reference_id CVE-2009-0580
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0580
43
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33023.txt
reference_id CVE-2009-0580;OSVDB-55055
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33023.txt
44
reference_url https://www.securityfocus.com/bid/35196/info
reference_id CVE-2009-0580;OSVDB-55055
reference_type exploit
scores
url https://www.securityfocus.com/bid/35196/info
45
reference_url https://github.com/advisories/GHSA-w227-xcfx-3pj8
reference_id GHSA-w227-xcfx-3pj8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w227-xcfx-3pj8
46
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
47
reference_url https://access.redhat.com/errata/RHSA-2009:1143
reference_id RHSA-2009:1143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1143
48
reference_url https://access.redhat.com/errata/RHSA-2009:1144
reference_id RHSA-2009:1144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1144
49
reference_url https://access.redhat.com/errata/RHSA-2009:1145
reference_id RHSA-2009:1145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1145
50
reference_url https://access.redhat.com/errata/RHSA-2009:1146
reference_id RHSA-2009:1146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1146
51
reference_url https://access.redhat.com/errata/RHSA-2009:1454
reference_id RHSA-2009:1454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1454
52
reference_url https://access.redhat.com/errata/RHSA-2009:1506
reference_id RHSA-2009:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1506
53
reference_url https://access.redhat.com/errata/RHSA-2009:1563
reference_id RHSA-2009:1563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1563
54
reference_url https://access.redhat.com/errata/RHSA-2009:1616
reference_id RHSA-2009:1616
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1616
55
reference_url https://usn.ubuntu.com/788-1/
reference_id USN-788-1
reference_type
scores
url https://usn.ubuntu.com/788-1/
fixed_packages
aliases CVE-2009-0580, GHSA-w227-xcfx-3pj8
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crhe-rt8j-wycu
16
url VCID-duum-yhkc-83dp
vulnerability_id VCID-duum-yhkc-83dp
summary A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2939
reference_id
reference_type
scores
0
value 0.6456
scoring_system epss
scoring_elements 0.98473
published_at 2026-06-04T12:55:00Z
1
value 0.6456
scoring_system epss
scoring_elements 0.98476
published_at 2026-06-08T12:55:00Z
2
value 0.6456
scoring_system epss
scoring_elements 0.98477
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2939
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=458250
reference_id 458250
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=458250
4
reference_url https://httpd.apache.org/security/json/CVE-2008-2939.json
reference_id CVE-2008-2939
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2008-2939.json
5
reference_url https://access.redhat.com/errata/RHSA-2008:0967
reference_id RHSA-2008:0967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0967
6
reference_url https://usn.ubuntu.com/731-1/
reference_id USN-731-1
reference_type
scores
url https://usn.ubuntu.com/731-1/
fixed_packages
aliases CVE-2008-2939
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duum-yhkc-83dp
17
url VCID-e7vc-57g8-1bg8
vulnerability_id VCID-e7vc-57g8-1bg8
summary A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0005
reference_id
reference_type
scores
0
value 0.02726
scoring_system epss
scoring_elements 0.8622
published_at 2026-06-04T12:55:00Z
1
value 0.02726
scoring_system epss
scoring_elements 0.8624
published_at 2026-06-05T12:55:00Z
2
value 0.02726
scoring_system epss
scoring_elements 0.86243
published_at 2026-06-06T12:55:00Z
3
value 0.02726
scoring_system epss
scoring_elements 0.86239
published_at 2026-06-07T12:55:00Z
4
value 0.02726
scoring_system epss
scoring_elements 0.86228
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=427739
reference_id 427739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=427739
4
reference_url https://httpd.apache.org/security/json/CVE-2008-0005.json
reference_id CVE-2008-0005
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2008-0005.json
5
reference_url https://security.gentoo.org/glsa/200803-19
reference_id GLSA-200803-19
reference_type
scores
url https://security.gentoo.org/glsa/200803-19
6
reference_url https://access.redhat.com/errata/RHSA-2008:0004
reference_id RHSA-2008:0004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0004
7
reference_url https://access.redhat.com/errata/RHSA-2008:0005
reference_id RHSA-2008:0005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0005
8
reference_url https://access.redhat.com/errata/RHSA-2008:0006
reference_id RHSA-2008:0006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0006
9
reference_url https://access.redhat.com/errata/RHSA-2008:0007
reference_id RHSA-2008:0007
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0007
10
reference_url https://access.redhat.com/errata/RHSA-2008:0008
reference_id RHSA-2008:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0008
11
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2008-0005
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7vc-57g8-1bg8
18
url VCID-g837-8mzy-h3be
vulnerability_id VCID-g837-8mzy-h3be
summary A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2412
reference_id
reference_type
scores
0
value 0.07751
scoring_system epss
scoring_elements 0.92088
published_at 2026-06-04T12:55:00Z
1
value 0.07751
scoring_system epss
scoring_elements 0.921
published_at 2026-06-05T12:55:00Z
2
value 0.07751
scoring_system epss
scoring_elements 0.92097
published_at 2026-06-06T12:55:00Z
3
value 0.07751
scoring_system epss
scoring_elements 0.92095
published_at 2026-06-07T12:55:00Z
4
value 0.10322
scoring_system epss
scoring_elements 0.93326
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2412
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=515698
reference_id 515698
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=515698
4
reference_url https://httpd.apache.org/security/json/CVE-2009-2412.json
reference_id CVE-2009-2412
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-2412.json
5
reference_url https://security.gentoo.org/glsa/200909-03
reference_id GLSA-200909-03
reference_type
scores
url https://security.gentoo.org/glsa/200909-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1204
reference_id RHSA-2009:1204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1204
7
reference_url https://access.redhat.com/errata/RHSA-2009:1205
reference_id RHSA-2009:1205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1205
8
reference_url https://access.redhat.com/errata/RHSA-2009:1462
reference_id RHSA-2009:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1462
9
reference_url https://usn.ubuntu.com/813-1/
reference_id USN-813-1
reference_type
scores
url https://usn.ubuntu.com/813-1/
10
reference_url https://usn.ubuntu.com/813-2/
reference_id USN-813-2
reference_type
scores
url https://usn.ubuntu.com/813-2/
11
reference_url https://usn.ubuntu.com/813-3/
reference_id USN-813-3
reference_type
scores
url https://usn.ubuntu.com/813-3/
fixed_packages
aliases CVE-2009-2412
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g837-8mzy-h3be
19
url VCID-gbrc-zarh-43bs
vulnerability_id VCID-gbrc-zarh-43bs
summary A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2364
reference_id
reference_type
scores
0
value 0.02213
scoring_system epss
scoring_elements 0.84768
published_at 2026-06-04T12:55:00Z
1
value 0.02213
scoring_system epss
scoring_elements 0.84792
published_at 2026-06-05T12:55:00Z
2
value 0.02213
scoring_system epss
scoring_elements 0.84796
published_at 2026-06-06T12:55:00Z
3
value 0.02213
scoring_system epss
scoring_elements 0.84791
published_at 2026-06-07T12:55:00Z
4
value 0.02213
scoring_system epss
scoring_elements 0.84779
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2364
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=451615
reference_id 451615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=451615
4
reference_url https://httpd.apache.org/security/json/CVE-2008-2364.json
reference_id CVE-2008-2364
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2008-2364.json
5
reference_url https://security.gentoo.org/glsa/200807-06
reference_id GLSA-200807-06
reference_type
scores
url https://security.gentoo.org/glsa/200807-06
6
reference_url https://access.redhat.com/errata/RHSA-2008:0967
reference_id RHSA-2008:0967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0967
7
reference_url https://usn.ubuntu.com/731-1/
reference_id USN-731-1
reference_type
scores
url https://usn.ubuntu.com/731-1/
fixed_packages
aliases CVE-2008-2364
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbrc-zarh-43bs
20
url VCID-hxw9-84e2-gfez
vulnerability_id VCID-hxw9-84e2-gfez
summary A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1891
reference_id
reference_type
scores
0
value 0.18846
scoring_system epss
scoring_elements 0.95424
published_at 2026-06-04T12:55:00Z
1
value 0.18846
scoring_system epss
scoring_elements 0.95431
published_at 2026-06-05T12:55:00Z
2
value 0.18846
scoring_system epss
scoring_elements 0.95434
published_at 2026-06-06T12:55:00Z
3
value 0.18846
scoring_system epss
scoring_elements 0.95436
published_at 2026-06-07T12:55:00Z
4
value 0.20968
scoring_system epss
scoring_elements 0.95758
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1891
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=509125
reference_id 509125
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=509125
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712
reference_id 534712
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712
5
reference_url https://httpd.apache.org/security/json/CVE-2009-1891.json
reference_id CVE-2009-1891
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-1891.json
6
reference_url https://security.gentoo.org/glsa/200907-04
reference_id GLSA-200907-04
reference_type
scores
url https://security.gentoo.org/glsa/200907-04
7
reference_url https://access.redhat.com/errata/RHSA-2009:1148
reference_id RHSA-2009:1148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1148
8
reference_url https://access.redhat.com/errata/RHSA-2009:1155
reference_id RHSA-2009:1155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1155
9
reference_url https://access.redhat.com/errata/RHSA-2009:1160
reference_id RHSA-2009:1160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1160
10
reference_url https://access.redhat.com/errata/RHSA-2009:1205
reference_id RHSA-2009:1205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1205
11
reference_url https://usn.ubuntu.com/802-1/
reference_id USN-802-1
reference_type
scores
url https://usn.ubuntu.com/802-1/
fixed_packages
aliases CVE-2009-1891
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxw9-84e2-gfez
21
url VCID-j9tr-zf8z-2ka8
vulnerability_id VCID-j9tr-zf8z-2ka8
summary A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6388
reference_id
reference_type
scores
0
value 0.84619
scoring_system epss
scoring_elements 0.99348
published_at 2026-06-04T12:55:00Z
1
value 0.84619
scoring_system epss
scoring_elements 0.9935
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=427228
reference_id 427228
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=427228
4
reference_url https://httpd.apache.org/security/json/CVE-2007-6388.json
reference_id CVE-2007-6388
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-6388.json
5
reference_url https://access.redhat.com/errata/RHSA-2008:0004
reference_id RHSA-2008:0004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0004
6
reference_url https://access.redhat.com/errata/RHSA-2008:0005
reference_id RHSA-2008:0005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0005
7
reference_url https://access.redhat.com/errata/RHSA-2008:0006
reference_id RHSA-2008:0006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0006
8
reference_url https://access.redhat.com/errata/RHSA-2008:0007
reference_id RHSA-2008:0007
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0007
9
reference_url https://access.redhat.com/errata/RHSA-2008:0008
reference_id RHSA-2008:0008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0008
10
reference_url https://access.redhat.com/errata/RHSA-2008:0263
reference_id RHSA-2008:0263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0263
11
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
12
reference_url https://usn.ubuntu.com/575-1/
reference_id USN-575-1
reference_type
scores
url https://usn.ubuntu.com/575-1/
fixed_packages
aliases CVE-2007-6388
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j9tr-zf8z-2ka8
22
url VCID-kua1-kn4q-7kd2
vulnerability_id VCID-kua1-kn4q-7kd2
summary
references
0
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
1
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
2
reference_url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
reference_id
reference_type
scores
0
value 0.90452
scoring_system epss
scoring_elements 0.99626
published_at 2026-06-06T12:55:00Z
1
value 0.90452
scoring_system epss
scoring_elements 0.99625
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
5
reference_url http://security.gentoo.org/glsa/glsa-200705-03.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200705-03.xml
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
7
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
8
reference_url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
9
reference_url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
10
reference_url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
11
reference_url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
12
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
31
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
32
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
33
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
34
reference_url http://www.redhat.com/support/errata/RHSA-2007-0327.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0327.html
35
reference_url http://www.redhat.com/support/errata/RHSA-2007-0360.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0360.html
36
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237080
reference_id 237080
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237080
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
reference_id CVE-2007-0450
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
39
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
40
reference_url https://www.securityfocus.com/bid/22960/info
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://www.securityfocus.com/bid/22960/info
41
reference_url https://github.com/advisories/GHSA-4prh-gqw8-rgh5
reference_id GHSA-4prh-gqw8-rgh5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4prh-gqw8-rgh5
42
reference_url https://security.gentoo.org/glsa/200705-03
reference_id GLSA-200705-03
reference_type
scores
url https://security.gentoo.org/glsa/200705-03
43
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
44
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
aliases CVE-2007-0450, GHSA-4prh-gqw8-rgh5
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kua1-kn4q-7kd2
23
url VCID-kxc3-vz2c-wqca
vulnerability_id VCID-kxc3-vz2c-wqca
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
references
0
reference_url http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
1
reference_url http://issues.apache.org/jira/browse/GERONIMO-3549
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://issues.apache.org/jira/browse/GERONIMO-3549
2
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
3
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
6
reference_url http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
7
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
8
reference_url http://marc.info/?l=full-disclosure&m=119239530508382
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=full-disclosure&m=119239530508382
9
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5461
reference_id
reference_type
scores
0
value 0.06505
scoring_system epss
scoring_elements 0.91281
published_at 2026-06-07T12:55:00Z
1
value 0.06505
scoring_system epss
scoring_elements 0.91284
published_at 2026-06-06T12:55:00Z
2
value 0.06505
scoring_system epss
scoring_elements 0.91277
published_at 2026-06-08T12:55:00Z
3
value 0.06505
scoring_system epss
scoring_elements 0.91271
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5461
12
reference_url http://security.gentoo.org/glsa/glsa-200804-10.xml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200804-10.xml
13
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
14
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
15
reference_url https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
16
reference_url https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
17
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
24
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
25
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
26
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
27
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
28
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
29
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
30
reference_url http://www.debian.org/security/2008/dsa-1447
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1447
31
reference_url http://www.debian.org/security/2008/dsa-1453
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1453
32
reference_url http://www.redhat.com/support/errata/RHSA-2008-0042.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0042.html
33
reference_url http://www.redhat.com/support/errata/RHSA-2008-0195.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0195.html
34
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
35
reference_url http://www.redhat.com/support/errata/RHSA-2008-0862.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0862.html
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=333791
reference_id 333791
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=333791
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
reference_id CVE-2007-5461
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
38
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl
reference_id CVE-2007-5461
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-5461
reference_id CVE-2007-5461
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-5461
40
reference_url https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
reference_id GHSA-v5p2-vg3c-pmrr
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
41
reference_url https://security.gentoo.org/glsa/200804-10
reference_id GLSA-200804-10
reference_type
scores
url https://security.gentoo.org/glsa/200804-10
42
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl
reference_id OSVDB-38187;CVE-2007-5461
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl
43
reference_url https://access.redhat.com/errata/RHSA-2008:0042
reference_id RHSA-2008:0042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0042
44
reference_url https://access.redhat.com/errata/RHSA-2008:0151
reference_id RHSA-2008:0151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0151
45
reference_url https://access.redhat.com/errata/RHSA-2008:0158
reference_id RHSA-2008:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0158
46
reference_url https://access.redhat.com/errata/RHSA-2008:0195
reference_id RHSA-2008:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0195
47
reference_url https://access.redhat.com/errata/RHSA-2008:0213
reference_id RHSA-2008:0213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0213
48
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
aliases CVE-2007-5461, GHSA-v5p2-vg3c-pmrr
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxc3-vz2c-wqca
24
url VCID-q44z-7zkg-8yf9
vulnerability_id VCID-q44z-7zkg-8yf9
summary The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3304
reference_id
reference_type
scores
0
value 0.00098
scoring_system epss
scoring_elements 0.26916
published_at 2026-06-04T12:55:00Z
1
value 0.00098
scoring_system epss
scoring_elements 0.27018
published_at 2026-06-05T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27011
published_at 2026-06-06T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.26973
published_at 2026-06-07T12:55:00Z
4
value 0.00098
scoring_system epss
scoring_elements 0.26924
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3304
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=245111
reference_id 245111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=245111
4
reference_url https://httpd.apache.org/security/json/CVE-2007-3304.json
reference_id CVE-2007-3304
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-3304.json
5
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
6
reference_url https://access.redhat.com/errata/RHSA-2007:0532
reference_id RHSA-2007:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0532
7
reference_url https://access.redhat.com/errata/RHSA-2007:0556
reference_id RHSA-2007:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0556
8
reference_url https://access.redhat.com/errata/RHSA-2007:0557
reference_id RHSA-2007:0557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0557
9
reference_url https://access.redhat.com/errata/RHSA-2007:0662
reference_id RHSA-2007:0662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0662
10
reference_url https://access.redhat.com/errata/RHSA-2008:0263
reference_id RHSA-2008:0263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0263
11
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
12
reference_url https://usn.ubuntu.com/499-1/
reference_id USN-499-1
reference_type
scores
url https://usn.ubuntu.com/499-1/
fixed_packages
aliases CVE-2007-3304
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q44z-7zkg-8yf9
25
url VCID-q9d7-7krq-mfdq
vulnerability_id VCID-q9d7-7krq-mfdq
summary A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5752
reference_id
reference_type
scores
0
value 0.18368
scoring_system epss
scoring_elements 0.9535
published_at 2026-06-04T12:55:00Z
1
value 0.18368
scoring_system epss
scoring_elements 0.95358
published_at 2026-06-05T12:55:00Z
2
value 0.18368
scoring_system epss
scoring_elements 0.95361
published_at 2026-06-06T12:55:00Z
3
value 0.18368
scoring_system epss
scoring_elements 0.95363
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5752
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=245112
reference_id 245112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=245112
4
reference_url https://httpd.apache.org/security/json/CVE-2006-5752.json
reference_id CVE-2006-5752
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2006-5752.json
5
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
6
reference_url https://access.redhat.com/errata/RHSA-2007:0532
reference_id RHSA-2007:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0532
7
reference_url https://access.redhat.com/errata/RHSA-2007:0533
reference_id RHSA-2007:0533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0533
8
reference_url https://access.redhat.com/errata/RHSA-2007:0534
reference_id RHSA-2007:0534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0534
9
reference_url https://access.redhat.com/errata/RHSA-2007:0556
reference_id RHSA-2007:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0556
10
reference_url https://access.redhat.com/errata/RHSA-2007:0557
reference_id RHSA-2007:0557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0557
11
reference_url https://access.redhat.com/errata/RHSA-2008:0263
reference_id RHSA-2008:0263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0263
12
reference_url https://access.redhat.com/errata/RHSA-2008:0523
reference_id RHSA-2008:0523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0523
13
reference_url https://usn.ubuntu.com/499-1/
reference_id USN-499-1
reference_type
scores
url https://usn.ubuntu.com/499-1/
fixed_packages
aliases CVE-2006-5752
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q9d7-7krq-mfdq
26
url VCID-qdvn-uc56-6fds
vulnerability_id VCID-qdvn-uc56-6fds
summary 
Exposure of Sensitive Information in Apache Tomcat
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.  NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
references
0
reference_url http://jvn.jp/jp/JVN%2309470767/index.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jvn.jp/jp/JVN%2309470767/index.html
1
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
2
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
4
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5333.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5333.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5333
reference_id
reference_type
scores
0
value 0.81599
scoring_system epss
scoring_elements 0.99204
published_at 2026-06-05T12:55:00Z
1
value 0.81599
scoring_system epss
scoring_elements 0.99205
published_at 2026-06-06T12:55:00Z
2
value 0.87527
scoring_system epss
scoring_elements 0.99479
published_at 2026-06-08T12:55:00Z
3
value 0.87527
scoring_system epss
scoring_elements 0.9948
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5333
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=532111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=532111
8
reference_url http://secunia.com/advisories/28878
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/28878
9
reference_url http://secunia.com/advisories/28884
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/28884
10
reference_url http://secunia.com/advisories/28915
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/28915
11
reference_url http://secunia.com/advisories/29711
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/29711
12
reference_url http://secunia.com/advisories/30676
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/30676
13
reference_url http://secunia.com/advisories/30802
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/30802
14
reference_url http://secunia.com/advisories/32036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/32036
15
reference_url http://secunia.com/advisories/32222
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/32222
16
reference_url http://secunia.com/advisories/33330
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/33330
17
reference_url http://secunia.com/advisories/37460
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37460
18
reference_url http://secunia.com/advisories/44183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/44183
19
reference_url http://secunia.com/advisories/57126
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57126
20
reference_url http://security.gentoo.org/glsa/glsa-200804-10.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200804-10.xml
21
reference_url http://securityreason.com/securityalert/3636
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3636
22
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
23
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11177
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11177
38
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
39
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
40
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
41
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
42
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
43
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
44
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
45
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg24018932
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg24018932
46
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg27012047
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg27012047
47
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg27012048
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg27012048
48
reference_url http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133
49
reference_url http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991
50
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:018
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:018
51
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
52
reference_url http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html
53
reference_url http://www.securityfocus.com/archive/1/487822/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/487822/100/0/threaded
54
reference_url http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/507985/100/0/threaded
55
reference_url http://www.securityfocus.com/bid/27706
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/27706
56
reference_url http://www.securityfocus.com/bid/31681
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/31681
57
reference_url http://www.vmware.com/security/advisories/VMSA-2008-0010.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2008-0010.html
58
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
59
reference_url http://www.vupen.com/english/advisories/2008/0488
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/0488
60
reference_url http://www.vupen.com/english/advisories/2008/1856/references
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/1856/references
61
reference_url http://www.vupen.com/english/advisories/2008/1981/references
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/1981/references
62
reference_url http://www.vupen.com/english/advisories/2008/2690
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/2690
63
reference_url http://www.vupen.com/english/advisories/2008/2780
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/2780
64
reference_url http://www.vupen.com/english/advisories/2009/3316
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/3316
65
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=427766
reference_id 427766
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=427766
66
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
reference_id CVE-2007-5333
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-5333
reference_id CVE-2007-5333
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-5333
68
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/31130.txt
reference_id CVE-2007-5333;OSVDB-41435
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/31130.txt
69
reference_url https://www.securityfocus.com/bid/27706/info
reference_id CVE-2007-5333;OSVDB-41435
reference_type exploit
scores
url https://www.securityfocus.com/bid/27706/info
70
reference_url https://github.com/advisories/GHSA-cww4-vj5r-rx57
reference_id GHSA-cww4-vj5r-rx57
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cww4-vj5r-rx57
71
reference_url https://security.gentoo.org/glsa/200804-10
reference_id GLSA-200804-10
reference_type
scores
url https://security.gentoo.org/glsa/200804-10
72
reference_url https://access.redhat.com/errata/RHSA-2009:1454
reference_id RHSA-2009:1454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1454
73
reference_url https://access.redhat.com/errata/RHSA-2009:1563
reference_id RHSA-2009:1563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1563
74
reference_url https://access.redhat.com/errata/RHSA-2009:1616
reference_id RHSA-2009:1616
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1616
fixed_packages
aliases CVE-2007-5333, GHSA-cww4-vj5r-rx57
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdvn-uc56-6fds
27
url VCID-qrbz-jgfy-qqhm
vulnerability_id VCID-qrbz-jgfy-qqhm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
reference_id
reference_type
scores
0
value 0.03966
scoring_system epss
scoring_elements 0.88585
published_at 2026-06-04T12:55:00Z
1
value 0.03966
scoring_system epss
scoring_elements 0.88603
published_at 2026-06-08T12:55:00Z
2
value 0.03966
scoring_system epss
scoring_elements 0.88605
published_at 2026-06-06T12:55:00Z
3
value 0.03966
scoring_system epss
scoring_elements 0.88604
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0128
2
reference_url https://svn.apache.org/viewvc?view=rev&rev=684900
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=684900
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=429821
reference_id 429821
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=429821
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
reference_id CVE-2008-0128
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128
5
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
aliases CVE-2008-0128
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrbz-jgfy-qqhm
28
url VCID-qz87-x4zb-rud7
vulnerability_id VCID-qz87-x4zb-rud7
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3382.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3382.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3382
reference_id
reference_type
scores
0
value 0.81412
scoring_system epss
scoring_elements 0.99194
published_at 2026-06-04T12:55:00Z
1
value 0.81412
scoring_system epss
scoring_elements 0.99196
published_at 2026-06-08T12:55:00Z
2
value 0.81412
scoring_system epss
scoring_elements 0.99195
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3382
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/36006
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/36006
7
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
10
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
11
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
12
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
13
reference_url http://www.debian.org/security/2008/dsa-1447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1447
14
reference_url http://www.debian.org/security/2008/dsa-1453
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1453
15
reference_url http://www.redhat.com/support/errata/RHSA-2007-0871.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0871.html
16
reference_url http://www.redhat.com/support/errata/RHSA-2007-0950.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0950.html
17
reference_url http://www.redhat.com/support/errata/RHSA-2008-0195.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0195.html
18
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=247972
reference_id 247972
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=247972
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
reference_id CVE-2007-3382
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-3382
reference_id CVE-2007-3382
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-3382
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30496.txt
reference_id CVE-2007-3382;OSVDB-37070
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30496.txt
23
reference_url https://www.securityfocus.com/bid/25316/info
reference_id CVE-2007-3382;OSVDB-37070
reference_type exploit
scores
url https://www.securityfocus.com/bid/25316/info
24
reference_url https://github.com/advisories/GHSA-qff8-g48j-pwpw
reference_id GHSA-qff8-g48j-pwpw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qff8-g48j-pwpw
25
reference_url https://access.redhat.com/errata/RHSA-2007:0871
reference_id RHSA-2007:0871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0871
26
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
27
reference_url https://access.redhat.com/errata/RHSA-2007:0950
reference_id RHSA-2007:0950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0950
28
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
29
reference_url https://access.redhat.com/errata/RHSA-2008:0195
reference_id RHSA-2008:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0195
fixed_packages
aliases CVE-2007-3382, GHSA-qff8-g48j-pwpw
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qz87-x4zb-rud7
29
url VCID-r9vj-qa89-hqan
vulnerability_id VCID-r9vj-qa89-hqan
summary An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1956
reference_id
reference_type
scores
0
value 0.05415
scoring_system epss
scoring_elements 0.90307
published_at 2026-06-04T12:55:00Z
1
value 0.05415
scoring_system epss
scoring_elements 0.90323
published_at 2026-06-05T12:55:00Z
2
value 0.05415
scoring_system epss
scoring_elements 0.90321
published_at 2026-06-06T12:55:00Z
3
value 0.05415
scoring_system epss
scoring_elements 0.90319
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=504390
reference_id 504390
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=504390
4
reference_url https://httpd.apache.org/security/json/CVE-2009-1956.json
reference_id CVE-2009-1956
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-1956.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
7
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
8
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
9
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
aliases CVE-2009-1956
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9vj-qa89-hqan
30
url VCID-rdr4-db3y-p3cz
vulnerability_id VCID-rdr4-db3y-p3cz
summary 
Improper Input Validation
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
references
0
reference_url http://jvn.jp/en/jp/JVN87272440/index.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN87272440/index.html
1
reference_url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
3
reference_url http://marc.info/?l=bugtraq&m=127420533226623&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=127420533226623&w=2
4
reference_url http://marc.info/?l=bugtraq&m=129070310906557&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=129070310906557&w=2
5
reference_url http://marc.info/?l=bugtraq&m=133469267822771&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=133469267822771&w=2
6
reference_url http://marc.info/?l=bugtraq&m=136485229118404&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=136485229118404&w=2
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0033.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0033.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0033
reference_id
reference_type
scores
0
value 0.13832
scoring_system epss
scoring_elements 0.94436
published_at 2026-06-06T12:55:00Z
1
value 0.13832
scoring_system epss
scoring_elements 0.94425
published_at 2026-06-04T12:55:00Z
2
value 0.13832
scoring_system epss
scoring_elements 0.94433
published_at 2026-06-05T12:55:00Z
3
value 0.17506
scoring_system epss
scoring_elements 0.95211
published_at 2026-06-08T12:55:00Z
4
value 0.17506
scoring_system epss
scoring_elements 0.95212
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0033
9
reference_url http://securitytracker.com/id?1022331
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securitytracker.com/id?1022331
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/50928
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/50928
11
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231
26
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110
27
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739
28
reference_url https://svn.apache.org/viewvc?view=rev&rev=742915
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=742915
29
reference_url https://svn.apache.org/viewvc?view=rev&rev=781362
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=781362
30
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
31
reference_url http://support.apple.com/kb/HT4077
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT4077
32
reference_url http://svn.apache.org/viewvc?rev=742915&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?rev=742915&view=rev
33
reference_url http://svn.apache.org/viewvc?rev=781362&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?rev=781362&view=rev
34
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
35
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
36
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
37
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
38
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
39
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
40
reference_url http://www.debian.org/security/2011/dsa-2207
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2207
41
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
42
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
43
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
44
reference_url http://www.securityfocus.com/archive/1/504044/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/504044/100/0/threaded
45
reference_url http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/507985/100/0/threaded
46
reference_url http://www.securityfocus.com/bid/35193
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/35193
47
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
48
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=493381
reference_id 493381
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=493381
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
reference_id CVE-2009-0033
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
50
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0033
reference_id CVE-2009-0033
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0033
51
reference_url https://github.com/advisories/GHSA-5cw4-ggx9-36vg
reference_id GHSA-5cw4-ggx9-36vg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cw4-ggx9-36vg
52
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
53
reference_url https://access.redhat.com/errata/RHSA-2009:1454
reference_id RHSA-2009:1454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1454
54
reference_url https://access.redhat.com/errata/RHSA-2009:1506
reference_id RHSA-2009:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1506
55
reference_url https://access.redhat.com/errata/RHSA-2009:1563
reference_id RHSA-2009:1563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1563
56
reference_url https://access.redhat.com/errata/RHSA-2009:1616
reference_id RHSA-2009:1616
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1616
57
reference_url https://access.redhat.com/errata/RHSA-2009:1617
reference_id RHSA-2009:1617
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1617
58
reference_url https://usn.ubuntu.com/788-1/
reference_id USN-788-1
reference_type
scores
url https://usn.ubuntu.com/788-1/
fixed_packages
aliases CVE-2009-0033, GHSA-5cw4-ggx9-36vg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdr4-db3y-p3cz
31
url VCID-sdqm-5fw4-b3dp
vulnerability_id VCID-sdqm-5fw4-b3dp
summary Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0407.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0407.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0407
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09378
published_at 2026-06-04T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09423
published_at 2026-06-05T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.0944
published_at 2026-06-06T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09425
published_at 2026-06-07T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.09366
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0407
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=596426
reference_id 596426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=596426
4
reference_url https://access.redhat.com/errata/RHSA-2010:0533
reference_id RHSA-2010:0533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0533
5
reference_url https://usn.ubuntu.com/969-1/
reference_id USN-969-1
reference_type
scores
url https://usn.ubuntu.com/969-1/
fixed_packages
aliases CVE-2010-0407
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdqm-5fw4-b3dp
32
url VCID-t4mh-zvhq-27du
vulnerability_id VCID-t4mh-zvhq-27du
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
references
0
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
3
reference_url http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=123376588623823&w=2
4
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2370.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2370.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2370
reference_id
reference_type
scores
0
value 0.87959
scoring_system epss
scoring_elements 0.99495
published_at 2026-06-04T12:55:00Z
1
value 0.87959
scoring_system epss
scoring_elements 0.99497
published_at 2026-06-07T12:55:00Z
2
value 0.87959
scoring_system epss
scoring_elements 0.99496
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2370
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/44156
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/44156
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10577
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10577
24
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5876
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5876
25
reference_url https://svn.apache.org/viewvc?view=rev&rev=673839
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=673839
26
reference_url https://svn.apache.org/viewvc?view=rev&rev=680949
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=680949
27
reference_url https://svn.apache.org/viewvc?view=rev&rev=680950
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=680950
28
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
29
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
30
reference_url https://web.archive.org/web/20080827150120/http://securityreason.com/securityalert/4099
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080827150120/http://securityreason.com/securityalert/4099
31
reference_url https://web.archive.org/web/20090201124618/http://secunia.com/advisories/31381
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201124618/http://secunia.com/advisories/31381
32
reference_url https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
33
reference_url https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
34
reference_url https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
35
reference_url https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
36
reference_url https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
37
reference_url https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
38
reference_url https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
39
reference_url https://web.archive.org/web/20090225175903/http://secunia.com/advisories/33999
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090225175903/http://secunia.com/advisories/33999
40
reference_url https://web.archive.org/web/20090228074535/http://secunia.com/advisories/31379
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090228074535/http://secunia.com/advisories/31379
41
reference_url https://web.archive.org/web/20090228074540/http://secunia.com/advisories/34013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090228074540/http://secunia.com/advisories/34013
42
reference_url https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
43
reference_url https://web.archive.org/web/20090811003155/http://secunia.com/advisories/35393
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090811003155/http://secunia.com/advisories/35393
44
reference_url https://web.archive.org/web/20090828023853/http://secunia.com/advisories/36249
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20090828023853/http://secunia.com/advisories/36249
45
reference_url https://web.archive.org/web/20100706231759/http://secunia.com/advisories/37460
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100706231759/http://secunia.com/advisories/37460
46
reference_url https://web.archive.org/web/20110714083521/http://www.securitytracker.com/id?1020623
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110714083521/http://www.securitytracker.com/id?1020623
47
reference_url https://web.archive.org/web/20110714174318/http://www.securityfocus.com/bid/30494
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110714174318/http://www.securityfocus.com/bid/30494
48
reference_url https://web.archive.org/web/20120719164745/http://www.securityfocus.com/archive/1/495022/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120719164745/http://www.securityfocus.com/archive/1/495022/100/0/threaded
49
reference_url https://web.archive.org/web/20120724210029/http://www.securityfocus.com/bid/31681
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120724210029/http://www.securityfocus.com/bid/31681
50
reference_url https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126
51
reference_url https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded
52
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
53
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
54
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
55
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
56
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
57
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
58
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html
59
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
60
reference_url http://www.redhat.com/support/errata/RHSA-2008-0648.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0648.html
61
reference_url http://www.redhat.com/support/errata/RHSA-2008-0862.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0862.html
62
reference_url http://www.redhat.com/support/errata/RHSA-2008-0864.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0864.html
63
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0002.html
64
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
65
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=457934
reference_id 457934
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=457934
66
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
reference_id CVE-2008-2370
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-2370
reference_id CVE-2008-2370
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-2370
68
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32137.txt
reference_id CVE-2008-2370;OSVDB-47463
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32137.txt
69
reference_url https://www.securityfocus.com/bid/30494/info
reference_id CVE-2008-2370;OSVDB-47463
reference_type exploit
scores
url https://www.securityfocus.com/bid/30494/info
70
reference_url https://github.com/advisories/GHSA-m8h8-6rvg-f4mg
reference_id GHSA-m8h8-6rvg-f4mg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m8h8-6rvg-f4mg
fixed_packages
aliases CVE-2008-2370, GHSA-m8h8-6rvg-f4mg
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4mh-zvhq-27du
33
url VCID-uwuf-vukf-cqck
vulnerability_id VCID-uwuf-vukf-cqck
summary 
Apache Tomcat Mishandles Character Sequence in Cookies
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the `\"` character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
2
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554
3
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3385.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3385.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3385
reference_id
reference_type
scores
0
value 0.74714
scoring_system epss
scoring_elements 0.98882
published_at 2026-06-07T12:55:00Z
1
value 0.74714
scoring_system epss
scoring_elements 0.98883
published_at 2026-06-06T12:55:00Z
2
value 0.74714
scoring_system epss
scoring_elements 0.9888
published_at 2026-06-04T12:55:00Z
3
value 0.74714
scoring_system epss
scoring_elements 0.98881
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3385
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/35999
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/35999
9
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549
24
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
25
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
26
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
27
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
28
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562
29
reference_url http://www.debian.org/security/2008/dsa-1447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1447
30
reference_url http://www.debian.org/security/2008/dsa-1453
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1453
31
reference_url http://www.kb.cert.org/vuls/id/993544
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/993544
32
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
33
reference_url http://www.redhat.com/support/errata/RHSA-2007-0871.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0871.html
34
reference_url http://www.redhat.com/support/errata/RHSA-2007-0950.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0950.html
35
reference_url http://www.redhat.com/support/errata/RHSA-2008-0195.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0195.html
36
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=247976
reference_id 247976
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=247976
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
reference_id CVE-2007-3385
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-3385
reference_id CVE-2007-3385
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-3385
40
reference_url https://github.com/advisories/GHSA-6j8f-66vh-39mj
reference_id GHSA-6j8f-66vh-39mj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j8f-66vh-39mj
41
reference_url https://access.redhat.com/errata/RHSA-2007:0871
reference_id RHSA-2007:0871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0871
42
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
43
reference_url https://access.redhat.com/errata/RHSA-2007:0950
reference_id RHSA-2007:0950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0950
44
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
45
reference_url https://access.redhat.com/errata/RHSA-2008:0195
reference_id RHSA-2008:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0195
fixed_packages
aliases CVE-2007-3385, GHSA-6j8f-66vh-39mj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwuf-vukf-cqck
34
url VCID-vage-19ug-kkh9
vulnerability_id VCID-vage-19ug-kkh9
summary Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5116.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5116
reference_id
reference_type
scores
0
value 0.08802
scoring_system epss
scoring_elements 0.92671
published_at 2026-06-04T12:55:00Z
1
value 0.08802
scoring_system epss
scoring_elements 0.92683
published_at 2026-06-05T12:55:00Z
2
value 0.08802
scoring_system epss
scoring_elements 0.92679
published_at 2026-06-06T12:55:00Z
3
value 0.08802
scoring_system epss
scoring_elements 0.92674
published_at 2026-06-07T12:55:00Z
4
value 0.08802
scoring_system epss
scoring_elements 0.92672
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5116
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=323571
reference_id 323571
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=323571
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450794
reference_id 450794
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450794
5
reference_url https://security.gentoo.org/glsa/200711-28
reference_id GLSA-200711-28
reference_type
scores
url https://security.gentoo.org/glsa/200711-28
6
reference_url https://security.gentoo.org/glsa/201412-11
reference_id GLSA-201412-11
reference_type
scores
url https://security.gentoo.org/glsa/201412-11
7
reference_url https://access.redhat.com/errata/RHSA-2007:0966
reference_id RHSA-2007:0966
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0966
8
reference_url https://access.redhat.com/errata/RHSA-2007:1011
reference_id RHSA-2007:1011
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1011
9
reference_url https://usn.ubuntu.com/552-1/
reference_id USN-552-1
reference_type
scores
url https://usn.ubuntu.com/552-1/
fixed_packages
aliases CVE-2007-5116
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vage-19ug-kkh9
35
url VCID-w6ay-nzvg-zbff
vulnerability_id VCID-w6ay-nzvg-zbff
summary 
Apache Tomcat Vulnerable to Denial of Service (DoS) via Simultaneous Requests
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3510
reference_id
reference_type
scores
0
value 0.20508
scoring_system epss
scoring_elements 0.95679
published_at 2026-06-06T12:55:00Z
1
value 0.20508
scoring_system epss
scoring_elements 0.9567
published_at 2026-06-04T12:55:00Z
2
value 0.20508
scoring_system epss
scoring_elements 0.95676
published_at 2026-06-05T12:55:00Z
3
value 0.20508
scoring_system epss
scoring_elements 0.95681
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3510
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
10
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
11
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
12
reference_url https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded
13
reference_url https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325
14
reference_url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
15
reference_url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
16
reference_url https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147
17
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
18
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
19
reference_url http://www.redhat.com/support/errata/RHSA-2006-0161.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2006-0161.html
20
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237085
reference_id 237085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237085
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510
reference_id CVE-2005-3510
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-3510
reference_id CVE-2005-3510
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2005-3510
24
reference_url https://github.com/advisories/GHSA-8f4w-jwqv-5cxc
reference_id GHSA-8f4w-jwqv-5cxc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8f4w-jwqv-5cxc
25
reference_url https://access.redhat.com/errata/RHSA-2006:0161
reference_id RHSA-2006:0161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0161
26
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
aliases CVE-2005-3510, GHSA-8f4w-jwqv-5cxc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6ay-nzvg-zbff
36
url VCID-wg7f-pjmn-uudk
vulnerability_id VCID-wg7f-pjmn-uudk
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx
1
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
4
reference_url http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=123376588623823&w=2
5
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
6
reference_url https://access.redhat.com/errata/RHSA-2008:0648
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0648
7
reference_url https://access.redhat.com/errata/RHSA-2008:0862
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0862
8
reference_url https://access.redhat.com/errata/RHSA-2008:0864
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0864
9
reference_url https://access.redhat.com/errata/RHSA-2008:0877
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0877
10
reference_url https://access.redhat.com/errata/RHSA-2008:1007
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:1007
11
reference_url https://access.redhat.com/errata/RHSA-2010:0602
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2010:0602
12
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json
13
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1232
reference_id
reference_type
scores
0
value 0.38145
scoring_system epss
scoring_elements 0.9731
published_at 2026-06-05T12:55:00Z
1
value 0.38145
scoring_system epss
scoring_elements 0.97306
published_at 2026-06-04T12:55:00Z
2
value 0.38145
scoring_system epss
scoring_elements 0.97312
published_at 2026-06-07T12:55:00Z
3
value 0.38145
scoring_system epss
scoring_elements 0.97313
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1232
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=457597
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=457597
15
reference_url http://secunia.com/advisories/31379
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31379
16
reference_url http://secunia.com/advisories/31381
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31381
17
reference_url http://secunia.com/advisories/31639
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31639
18
reference_url http://secunia.com/advisories/31865
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31865
19
reference_url http://secunia.com/advisories/31891
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31891
20
reference_url http://secunia.com/advisories/31982
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/31982
21
reference_url http://secunia.com/advisories/32120
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/32120
22
reference_url http://secunia.com/advisories/32222
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/32222
23
reference_url http://secunia.com/advisories/32266
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/32266
24
reference_url http://secunia.com/advisories/33797
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/33797
25
reference_url http://secunia.com/advisories/33999
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/33999
26
reference_url http://secunia.com/advisories/34013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/34013
27
reference_url http://secunia.com/advisories/35474
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/35474
28
reference_url http://secunia.com/advisories/36108
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/36108
29
reference_url http://secunia.com/advisories/37460
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37460
30
reference_url http://secunia.com/advisories/57126
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57126
31
reference_url http://securityreason.com/securityalert/4098
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/4098
32
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/44155
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/44155
33
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
34
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
48
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181
49
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985
50
reference_url https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500
51
reference_url https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095
52
reference_url https://svn.apache.org/viewvc?view=rev&rev=673834
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=673834
53
reference_url https://svn.apache.org/viewvc?view=rev&rev=680947
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=680947
54
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
55
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
56
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
57
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
58
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
59
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
60
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
61
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
62
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
63
reference_url http://www.redhat.com/support/errata/RHSA-2008-0648.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0648.html
64
reference_url http://www.redhat.com/support/errata/RHSA-2008-0862.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0862.html
65
reference_url http://www.redhat.com/support/errata/RHSA-2008-0864.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0864.html
66
reference_url http://www.securityfocus.com/archive/1/495021/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/495021/100/0/threaded
67
reference_url http://www.securityfocus.com/archive/1/504351/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/504351/100/0/threaded
68
reference_url http://www.securityfocus.com/archive/1/505556/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/505556/100/0/threaded
69
reference_url http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/507985/100/0/threaded
70
reference_url http://www.securityfocus.com/bid/30496
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/30496
71
reference_url http://www.securityfocus.com/bid/31681
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/31681
72
reference_url http://www.securitytracker.com/id?1020622
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id?1020622
73
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0002.html
74
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
75
reference_url http://www.vupen.com/english/advisories/2008/2305
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/2305
76
reference_url http://www.vupen.com/english/advisories/2008/2780
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/2780
77
reference_url http://www.vupen.com/english/advisories/2008/2823
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/2823
78
reference_url http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/0320
79
reference_url http://www.vupen.com/english/advisories/2009/0503
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/0503
80
reference_url http://www.vupen.com/english/advisories/2009/1609
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/1609
81
reference_url http://www.vupen.com/english/advisories/2009/2194
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/2194
82
reference_url http://www.vupen.com/english/advisories/2009/3316
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/3316
83
reference_url https://access.redhat.com/security/cve/CVE-2008-1232
reference_id CVE-2008-1232
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2008-1232
84
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
reference_id CVE-2008-1232
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
85
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1232
reference_id CVE-2008-1232
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1232
86
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32138.txt
reference_id CVE-2008-1232;OSVDB-47462
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32138.txt
87
reference_url https://www.securityfocus.com/bid/30496/info
reference_id CVE-2008-1232;OSVDB-47462
reference_type exploit
scores
url https://www.securityfocus.com/bid/30496/info
88
reference_url https://github.com/advisories/GHSA-q74x-qqhr-f8rx
reference_id GHSA-q74x-qqhr-f8rx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q74x-qqhr-f8rx
fixed_packages
aliases CVE-2008-1232, GHSA-q74x-qqhr-f8rx
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg7f-pjmn-uudk
37
url VCID-ywm9-1fbh-5qen
vulnerability_id VCID-ywm9-1fbh-5qen
summary A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0434
reference_id
reference_type
scores
0
value 0.0539
scoring_system epss
scoring_elements 0.90285
published_at 2026-06-04T12:55:00Z
1
value 0.0539
scoring_system epss
scoring_elements 0.903
published_at 2026-06-06T12:55:00Z
2
value 0.0539
scoring_system epss
scoring_elements 0.90298
published_at 2026-06-07T12:55:00Z
3
value 0.0539
scoring_system epss
scoring_elements 0.90297
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=570171
reference_id 570171
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=570171
4
reference_url https://httpd.apache.org/security/json/CVE-2010-0434.json
reference_id CVE-2010-0434
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-0434.json
5
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
6
reference_url https://access.redhat.com/errata/RHSA-2010:0168
reference_id RHSA-2010:0168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0168
7
reference_url https://access.redhat.com/errata/RHSA-2010:0175
reference_id RHSA-2010:0175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0175
8
reference_url https://access.redhat.com/errata/RHSA-2010:0396
reference_id RHSA-2010:0396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0396
9
reference_url https://usn.ubuntu.com/908-1/
reference_id USN-908-1
reference_type
scores
url https://usn.ubuntu.com/908-1/
fixed_packages
aliases CVE-2010-0434
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywm9-1fbh-5qen
38
url VCID-zam7-79x3-ekg3
vulnerability_id VCID-zam7-79x3-ekg3
summary 
Improper Neutralization
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
2
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
4
reference_url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2090
reference_id
reference_type
scores
0
value 0.71377
scoring_system epss
scoring_elements 0.98739
published_at 2026-06-08T12:55:00Z
1
value 0.71377
scoring_system epss
scoring_elements 0.9874
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2090
7
reference_url http://seclists.org/lists/bugtraq/2005/Jun/0025.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/lists/bugtraq/2005/Jun/0025.html
8
reference_url http://securitytracker.com/id?1014365
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securitytracker.com/id?1014365
9
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
18
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499
19
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
20
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
21
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
22
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
23
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
24
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
25
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html
26
reference_url http://www.redhat.com/support/errata/RHSA-2007-0327.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0327.html
27
reference_url http://www.redhat.com/support/errata/RHSA-2007-0360.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0360.html
28
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
29
reference_url http://www.securiteam.com/securityreviews/5GP0220G0U.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securiteam.com/securityreviews/5GP0220G0U.html
30
reference_url http://www.securityfocus.com/archive/1/485938/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/485938/100/0/threaded
31
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
32
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
33
reference_url http://www.securityfocus.com/bid/13873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/13873
34
reference_url http://www.securityfocus.com/bid/25159
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/25159
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237079
reference_id 237079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237079
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
reference_id CVE-2005-2090
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-2090
reference_id CVE-2005-2090
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2005-2090
38
reference_url https://github.com/advisories/GHSA-f2gq-p6qv-ccw4
reference_id GHSA-f2gq-p6qv-ccw4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f2gq-p6qv-ccw4
39
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
40
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
aliases CVE-2005-2090, GHSA-f2gq-p6qv-ccw4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zam7-79x3-ekg3
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhpki-kra@7.3.0-14%3Farch=el4