Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tomcat/tomcat-coyote@7-alpha0

Type maven

Namespace org.apache.tomcat

Name tomcat-coyote

Version 7-alpha0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 7.0.107

Latest_non_vulnerable_version 11.0.20

Affected_by_vulnerabilities

url VCID-bxg6-fsmd-6qae

vulnerability_id VCID-bxg6-fsmd-6qae

summary The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue

references

reference_url

http://openwall.com/lists/oss-security/2014/10/24/12

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2014/10/24/12

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1193.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1193.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1194.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1194.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1265.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1265.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2185.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2185

reference_id

reference_type

scores

value	0.05286
scoring_system	epss
scoring_elements	0.89969
published_at	2026-04-02T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90025
published_at	2026-04-16T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.89981
published_at	2026-04-04T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.89987
published_at	2026-04-07T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90003
published_at	2026-04-08T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90009
published_at	2026-04-13T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90015
published_at	2026-04-12T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90017
published_at	2026-04-11T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90023
published_at	2026-04-21T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.90026
published_at	2026-04-18T12:55:00Z

value	0.05286
scoring_system	epss
scoring_elements	0.89967
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2185

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2185
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2185

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat/commit/e246e5fc13307da0a5d3bbf860d64d97be1c40f8
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e246e5fc13307da0a5d3bbf860d64d97be1c40f8

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2185

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2185

reference_url

http://www.openwall.com/lists/oss-security/2013/09/05/4

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2013/09/05/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=974813
reference_id	974813
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=974813

reference_url

https://github.com/advisories/GHSA-v6c7-8qx5-8gmp

reference_id

GHSA-v6c7-8qx5-8gmp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v6c7-8qx5-8gmp

reference_url	https://access.redhat.com/errata/RHSA-2013:1193
reference_id	RHSA-2013:1193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1193

reference_url	https://access.redhat.com/errata/RHSA-2013:1194
reference_id	RHSA-2013:1194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1194

reference_url	https://access.redhat.com/errata/RHSA-2013:1265
reference_id	RHSA-2013:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1265

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.34

purl pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-gv12-4ruf-kfhq

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.34

url pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.40

purl pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-gv12-4ruf-kfhq

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.40

aliases CVE-2013-2185, GHSA-v6c7-8qx5-8gmp

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bxg6-fsmd-6qae

url VCID-gv12-4ruf-kfhq

vulnerability_id VCID-gv12-4ruf-kfhq

summary MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

references

reference_url

http://advisories.mageia.org/MGASA-2014-0110.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://advisories.mageia.org/MGASA-2014-0110.html

reference_url

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017

reference_url

http://jvn.jp/en/jp/JVN14876762/index.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://jvn.jp/en/jp/JVN14876762/index.html

reference_url

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E

reference_url	http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E

reference_url

http://marc.info/?l=bugtraq&m=143136844732487&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=143136844732487&w=2

reference_url

http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0252.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0252.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0253.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0253.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0400.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0400.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

reference_id

reference_type

scores

value	0.92712
scoring_system	epss
scoring_elements	0.99754
published_at	2026-04-21T12:55:00Z

value	0.92712
scoring_system	epss
scoring_elements	0.99751
published_at	2026-04-04T12:55:00Z

value	0.92712
scoring_system	epss
scoring_elements	0.99753
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1062337

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1062337

reference_url

http://seclists.org/fulldisclosure/2014/Dec/23

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2014/Dec/23

reference_url

http://secunia.com/advisories/57915

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/57915

reference_url

http://secunia.com/advisories/58075

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/58075

reference_url

http://secunia.com/advisories/58976

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/58976

reference_url

http://secunia.com/advisories/59039

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59039

reference_url

http://secunia.com/advisories/59041

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59041

reference_url

http://secunia.com/advisories/59183

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59183

reference_url

http://secunia.com/advisories/59184

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59184

reference_url

http://secunia.com/advisories/59185

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59185

reference_url

http://secunia.com/advisories/59187

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59187

reference_url

http://secunia.com/advisories/59232

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59232

reference_url

http://secunia.com/advisories/59399

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59399

reference_url

http://secunia.com/advisories/59492

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59492

reference_url

http://secunia.com/advisories/59500

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59500

reference_url

http://secunia.com/advisories/59725

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/59725

reference_url

http://secunia.com/advisories/60475

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/60475

reference_url

http://secunia.com/advisories/60753

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/60753

reference_url

https://github.com/apache/commons-fileupload

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-fileupload

reference_url

https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a

reference_url

https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c

reference_url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

reference_url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

reference_url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1565143

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1565143

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1565163

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1565163

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1565169

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1565169

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1565163
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1565163

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1565169
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1565169

reference_url

https://tomcat.apache.org/security-7.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-7.html

reference_url

https://tomcat.apache.org/security-8.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-8.html

reference_url	http://struts.apache.org/docs/s2-020.html
reference_id
reference_type
scores
url	http://struts.apache.org/docs/s2-020.html

reference_url

http://svn.apache.org/r1565143

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://svn.apache.org/r1565143

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1565143
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1565143

reference_url	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
reference_id
reference_type
scores
url	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050

reference_url

http://tomcat.apache.org/security-7.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://tomcat.apache.org/security-7.html

reference_url

http://tomcat.apache.org/security-8.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://tomcat.apache.org/security-8.html

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21675432

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21675432

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676401

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676401

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676403

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676403

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676405

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676405

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676410

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676410

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676656

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676656

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21676853

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21676853

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21677691

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21677691

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21677724

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21677724

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21681214

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21681214

reference_url

http://www.debian.org/security/2014/dsa-2856

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2014/dsa-2856

reference_url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html

reference_url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html

reference_url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html

reference_url

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

reference_url

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

reference_url

http://www.securityfocus.com/archive/1/532549/100/0/threaded

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/archive/1/532549/100/0/threaded

reference_url

http://www.securityfocus.com/archive/1/534161/100/0/threaded

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/archive/1/534161/100/0/threaded

reference_url

http://www.securityfocus.com/bid/65400

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/65400

reference_url

http://www.ubuntu.com/usn/USN-2130-1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-2130-1

reference_url

http://www.vmware.com/security/advisories/VMSA-2014-0007.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/security/advisories/VMSA-2014-0007.html

reference_url

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

reference_url

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

reference_id

CVE-2014-0050

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0050

reference_id

CVE-2014-0050

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0050

reference_url

http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html

reference_id

CVE-2014-0050-EXPLOIT-WITH-BOUNDARIES-LOOPS-WITHOUT-BOUNDARIES.HTML

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
reference_id	CVE-2014-0050;OSVDB-102945
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb

reference_url

https://github.com/advisories/GHSA-xx68-jfcg-xmmf

reference_id

GHSA-xx68-jfcg-xmmf

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-xx68-jfcg-xmmf

reference_url	https://security.gentoo.org/glsa/201412-29
reference_id	GLSA-201412-29
reference_type
scores
url	https://security.gentoo.org/glsa/201412-29

reference_url	https://security.gentoo.org/glsa/202107-39
reference_id	GLSA-202107-39
reference_type
scores
url	https://security.gentoo.org/glsa/202107-39

reference_url	https://access.redhat.com/errata/RHSA-2014:0252
reference_id	RHSA-2014:0252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0252

reference_url	https://access.redhat.com/errata/RHSA-2014:0253
reference_id	RHSA-2014:0253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0253

reference_url	https://access.redhat.com/errata/RHSA-2014:0373
reference_id	RHSA-2014:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0373

reference_url	https://access.redhat.com/errata/RHSA-2014:0400
reference_id	RHSA-2014:0400
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0400

reference_url	https://access.redhat.com/errata/RHSA-2014:0401
reference_id	RHSA-2014:0401
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0401

reference_url	https://access.redhat.com/errata/RHSA-2014:0429
reference_id	RHSA-2014:0429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0429

reference_url	https://access.redhat.com/errata/RHSA-2014:0452
reference_id	RHSA-2014:0452
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0452

reference_url	https://access.redhat.com/errata/RHSA-2014:0459
reference_id	RHSA-2014:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0459

reference_url	https://access.redhat.com/errata/RHSA-2014:0473
reference_id	RHSA-2014:0473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0473

reference_url	https://access.redhat.com/errata/RHSA-2014:0525
reference_id	RHSA-2014:0525
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0525

100

reference_url	https://access.redhat.com/errata/RHSA-2014:0526
reference_id	RHSA-2014:0526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0526

101

reference_url	https://access.redhat.com/errata/RHSA-2014:0527
reference_id	RHSA-2014:0527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0527

102

reference_url	https://access.redhat.com/errata/RHSA-2014:0528
reference_id	RHSA-2014:0528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0528

103

reference_url	https://access.redhat.com/errata/RHSA-2015:1009
reference_id	RHSA-2015:1009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1009

104

reference_url	https://usn.ubuntu.com/2130-1/
reference_id	USN-2130-1
reference_type
scores
url	https://usn.ubuntu.com/2130-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.52

purl pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.52

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.52

url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3

purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sr7-c3j5-cfhg

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-kzzv-rhya-j7dd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3

aliases CVE-2014-0050, GHSA-xx68-jfcg-xmmf

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gv12-4ruf-kfhq

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@7-alpha0

Package Instance