Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat-util@7.0.22
Typemaven
Namespaceorg.apache.tomcat
Nametomcat-util
Version7.0.22
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.107
Latest_non_vulnerable_version11.0.1
Affected_by_vulnerabilities
0
url VCID-59dd-qzpt-aucm
vulnerability_id VCID-59dd-qzpt-aucm
summary 
Improper Input Validation
When running on Windows with `enableCmdLineArguments` enabled, the CGI Servlet in Apache Tomcat is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option `enableCmdLineArguments` is disable by default in Tomcat (and will be disabled by default in all versions in response to this vulnerability).
references
0
reference_url http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html
1
reference_url https://access.redhat.com/errata/RHSA-2019:1712
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1712
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0232.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0232.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0232
reference_id
reference_type
scores
0
value 0.94221
scoring_system epss
scoring_elements 0.99928
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0232
4
reference_url https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat
5
reference_url https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
reference_id
reference_type
scores
url https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
6
reference_url https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
7
reference_url http://seclists.org/fulldisclosure/2019/May/4
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/4
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url https://github.com/apache/tomcat/commit/4b244d827ade2a36ef3b8734939541207b78f35c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4b244d827ade2a36ef3b8734939541207b78f35c
10
reference_url https://github.com/apache/tomcat/commit/5bc4e6d7b1c22dc1bf99f475b7e70594ebdd83b9
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5bc4e6d7b1c22dc1bf99f475b7e70594ebdd83b9
11
reference_url https://github.com/apache/tomcat/commit/7f0221b904956359f2d739aa3a2b53f8c12ed8c7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7f0221b904956359f2d739aa3a2b53f8c12ed8c7
12
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715@%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
44
reference_url https://security.netapp.com/advisory/ntap-20190419-0001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190419-0001
45
reference_url https://security.netapp.com/advisory/ntap-20190419-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190419-0001/
46
reference_url https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way
47
reference_url https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/
reference_id
reference_type
scores
url https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/
48
reference_url https://web.archive.org/web/20200227030103/http://www.securityfocus.com/bid/107906
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227030103/http://www.securityfocus.com/bid/107906
49
reference_url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784
50
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
51
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
52
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
53
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
54
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
55
reference_url https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232
56
reference_url https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/
reference_id
reference_type
scores
url https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/
57
reference_url https://www.synology.com/security/advisory/Synology_SA_19_17
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_17
58
reference_url http://www.securityfocus.com/bid/107906
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107906
59
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1701056
reference_id 1701056
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1701056
60
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232
reference_id CVE-2019-0232
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232
61
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/47073.rb
reference_id CVE-2019-0232
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/47073.rb
62
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0232
reference_id CVE-2019-0232
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0232
63
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/tomcat_cgi_cmdlineargs.rb
reference_id CVE-2019-0232
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/tomcat_cgi_cmdlineargs.rb
64
reference_url https://github.com/advisories/GHSA-8vmx-qmch-mpqg
reference_id GHSA-8vmx-qmch-mpqg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8vmx-qmch-mpqg
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-essq-6syu-6ygm
1
vulnerability VCID-webw-gryb-7ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-webw-gryb-7ucv
4
vulnerability VCID-xns8-63b5-guf2
5
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
2
url pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-webw-gryb-7ucv
4
vulnerability VCID-xns8-63b5-guf2
5
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
aliases CVE-2019-0232, GHSA-8vmx-qmch-mpqg
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59dd-qzpt-aucm
1
url VCID-essq-6syu-6ygm
vulnerability_id VCID-essq-6syu-6ygm
summary information disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
reference_id
reference_type
scores
0
value 0.61383
scoring_system epss
scoring_elements 0.98349
published_at 2026-06-05T12:55:00Z
1
value 0.61383
scoring_system epss
scoring_elements 0.98346
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
5
reference_url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
6
reference_url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
7
reference_url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
8
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
17
reference_url https://security.netapp.com/advisory/ntap-20210212-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210212-0008
18
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
19
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
20
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
21
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
22
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
23
reference_url http://www.openwall.com/lists/oss-security/2021/01/14/1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/01/14/1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
reference_id 1917209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
25
reference_url https://security.archlinux.org/AVG-1452
reference_id AVG-1452
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1452
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
reference_id CVE-2021-24122
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
reference_id CVE-2021-24122
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
28
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
29
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
30
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
31
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.107
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.107
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.107
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.5.60
purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.60
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-urhs-6aus-syb1
2
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.60
2
url pkg:maven/org.apache.tomcat/tomcat-util@9.0.40
purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-urhs-6aus-syb1
2
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.40
3
url pkg:maven/org.apache.tomcat/tomcat-util@10.0.2
purl pkg:maven/org.apache.tomcat/tomcat-util@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@10.0.2
aliases CVE-2021-24122, GHSA-2rvv-w9r2-rg7m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-essq-6syu-6ygm
2
url VCID-nnye-4xbb-kuf5
vulnerability_id VCID-nnye-4xbb-kuf5
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0268.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0268.html
1
reference_url http://linux.oracle.com/errata/ELSA-2014-0865.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://linux.oracle.com/errata/ELSA-2014-0865.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
3
reference_url http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141017844705317&w=2
4
reference_url http://marc.info/?l=bugtraq&m=141390017113542&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141390017113542&w=2
5
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0099
reference_id
reference_type
scores
0
value 0.37857
scoring_system epss
scoring_elements 0.97295
published_at 2026-06-05T12:55:00Z
1
value 0.37857
scoring_system epss
scoring_elements 0.97291
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0099
11
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
12
reference_url http://seclists.org/fulldisclosure/2014/May/138
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/138
13
reference_url http://seclists.org/fulldisclosure/2014/May/140
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/140
14
reference_url http://secunia.com/advisories/59121
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59121
15
reference_url http://secunia.com/advisories/59678
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59678
16
reference_url http://secunia.com/advisories/59732
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59732
17
reference_url http://secunia.com/advisories/59835
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59835
18
reference_url http://secunia.com/advisories/59849
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59849
19
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59873
20
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60729
21
reference_url http://secunia.com/advisories/60793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60793
22
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
23
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
24
reference_url https://github.com/apache/tomcat70/commit/184cdc0d3f03f5737e12d21fff246d7285034597
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/184cdc0d3f03f5737e12d21fff246d7285034597
25
reference_url https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd
26
reference_url https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597
27
reference_url https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3
28
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
29
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578812
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578812
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578814
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578814
43
reference_url https://svn.apache.org/viewvc?view=rev&rev=1580473
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1580473
44
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578812
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578812
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578814
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578814
46
reference_url http://svn.apache.org/viewvc?view=revision&revision=1580473
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1580473
47
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
48
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
49
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
53
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
54
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
55
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
56
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
57
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
58
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
59
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
60
reference_url http://www.securityfocus.com/archive/1/532218/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532218/100/0/threaded
61
reference_url http://www.securityfocus.com/archive/1/532221/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532221/100/0/threaded
62
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
63
reference_url http://www.securityfocus.com/bid/67668
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/67668
64
reference_url http://www.securitytracker.com/id/1030302
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1030302
65
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
66
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1102030
reference_id 1102030
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1102030
67
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
reference_id CVE-2014-0099
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
68
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0099
reference_id CVE-2014-0099
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0099
69
reference_url https://github.com/advisories/GHSA-xh5x-j8jf-pcpx
reference_id GHSA-xh5x-j8jf-pcpx
reference_type
scores
url https://github.com/advisories/GHSA-xh5x-j8jf-pcpx
70
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
71
reference_url https://access.redhat.com/errata/RHSA-2014:0827
reference_id RHSA-2014:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0827
72
reference_url https://access.redhat.com/errata/RHSA-2014:0833
reference_id RHSA-2014:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0833
73
reference_url https://access.redhat.com/errata/RHSA-2014:0834
reference_id RHSA-2014:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0834
74
reference_url https://access.redhat.com/errata/RHSA-2014:0835
reference_id RHSA-2014:0835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0835
75
reference_url https://access.redhat.com/errata/RHSA-2014:0836
reference_id RHSA-2014:0836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0836
76
reference_url https://access.redhat.com/errata/RHSA-2014:0842
reference_id RHSA-2014:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0842
77
reference_url https://access.redhat.com/errata/RHSA-2014:0843
reference_id RHSA-2014:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0843
78
reference_url https://access.redhat.com/errata/RHSA-2014:0865
reference_id RHSA-2014:0865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0865
79
reference_url https://access.redhat.com/errata/RHSA-2014:0895
reference_id RHSA-2014:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0895
80
reference_url https://access.redhat.com/errata/RHSA-2014:1149
reference_id RHSA-2014:1149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1149
81
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
82
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
83
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
84
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
85
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
86
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
87
reference_url https://usn.ubuntu.com/2302-1/
reference_id USN-2302-1
reference_type
scores
url https://usn.ubuntu.com/2302-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.54
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.54
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-59dd-qzpt-aucm
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-nxb3-55eu-auhp
3
vulnerability VCID-rtmv-qetu-yqfa
4
vulnerability VCID-webw-gryb-7ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.54
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.0.6
purl pkg:maven/org.apache.tomcat/tomcat-util@8.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.0.6
2
url pkg:maven/org.apache.tomcat/tomcat-util@8.0.8
purl pkg:maven/org.apache.tomcat/tomcat-util@8.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rtmv-qetu-yqfa
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.0.8
aliases CVE-2014-0099, GHSA-xh5x-j8jf-pcpx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnye-4xbb-kuf5
3
url VCID-nxb3-55eu-auhp
vulnerability_id VCID-nxb3-55eu-auhp
summary 
Cross-site Scripting
The SSI printenv command in Apache Tomcat echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The `printenv` command is intended for debugging and is unlikely to be present in a production website.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html
2
reference_url http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html
3
reference_url https://access.redhat.com/errata/RHSA-2019:3929
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3929
4
reference_url https://access.redhat.com/errata/RHSA-2019:3931
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3931
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0221.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0221.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0221
reference_id
reference_type
scores
0
value 0.14481
scoring_system epss
scoring_elements 0.94569
published_at 2026-06-04T12:55:00Z
1
value 0.14481
scoring_system epss
scoring_elements 0.94577
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0221
7
reference_url http://seclists.org/fulldisclosure/2019/May/50
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/50
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
10
reference_url https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea
11
reference_url https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e
12
reference_url https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da
13
reference_url https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c%40%3Cannounce.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html
28
reference_url https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/
35
reference_url https://seclists.org/bugtraq/2019/Dec/43
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Dec/43
36
reference_url https://security.gentoo.org/glsa/202003-43
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202003-43
37
reference_url https://security.netapp.com/advisory/ntap-20190606-0001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190606-0001
38
reference_url https://security.netapp.com/advisory/ntap-20190606-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190606-0001/
39
reference_url https://support.f5.com/csp/article/K13184144?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K13184144?utm_source=f5support&amp%3Butm_medium=RSS
40
reference_url https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS
41
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
42
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
43
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
44
reference_url https://usn.ubuntu.com/4128-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4128-1
45
reference_url https://usn.ubuntu.com/4128-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4128-1/
46
reference_url https://usn.ubuntu.com/4128-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4128-2
47
reference_url https://usn.ubuntu.com/4128-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4128-2/
48
reference_url https://web.archive.org/web/20200227055048/http://www.securityfocus.com/bid/108545
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227055048/http://www.securityfocus.com/bid/108545
49
reference_url https://www.debian.org/security/2019/dsa-4596
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4596
50
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
51
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
52
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
53
reference_url https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221
54
reference_url https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/
reference_id
reference_type
scores
url https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/
55
reference_url http://www.securityfocus.com/bid/108545
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108545
56
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1713275
reference_id 1713275
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1713275
57
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929895
reference_id 929895
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929895
58
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221
reference_id CVE-2019-0221
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221
59
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50119.txt
reference_id CVE-2019-0221
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50119.txt
60
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0221
reference_id CVE-2019-0221
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0221
61
reference_url https://github.com/advisories/GHSA-jjpq-gp5q-8q6w
reference_id GHSA-jjpq-gp5q-8q6w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjpq-gp5q-8q6w
62
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
63
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
64
reference_url https://usn.ubuntu.com/6908-1/
reference_id USN-6908-1
reference_type
scores
url https://usn.ubuntu.com/6908-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-essq-6syu-6ygm
1
vulnerability VCID-webw-gryb-7ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.94
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-webw-gryb-7ucv
4
vulnerability VCID-xns8-63b5-guf2
5
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.40
2
url pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-webw-gryb-7ucv
4
vulnerability VCID-xns8-63b5-guf2
5
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.19
aliases CVE-2019-0221, GHSA-jjpq-gp5q-8q6w
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxb3-55eu-auhp
4
url VCID-rtmv-qetu-yqfa
vulnerability_id VCID-rtmv-qetu-yqfa
summary 
Loop with Unreachable Exit Condition (Infinite Loop)
An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
1
reference_url https://access.redhat.com/errata/RHEA-2018:2188
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHEA-2018:2188
2
reference_url https://access.redhat.com/errata/RHEA-2018:2189
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHEA-2018:2189
3
reference_url https://access.redhat.com/errata/RHSA-2018:2700
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2700
4
reference_url https://access.redhat.com/errata/RHSA-2018:2701
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2701
5
reference_url https://access.redhat.com/errata/RHSA-2018:2740
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2740
6
reference_url https://access.redhat.com/errata/RHSA-2018:2741
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2741
7
reference_url https://access.redhat.com/errata/RHSA-2018:2742
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2742
8
reference_url https://access.redhat.com/errata/RHSA-2018:2743
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2743
9
reference_url https://access.redhat.com/errata/RHSA-2018:2921
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2921
10
reference_url https://access.redhat.com/errata/RHSA-2018:2930
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2930
11
reference_url https://access.redhat.com/errata/RHSA-2018:2939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2939
12
reference_url https://access.redhat.com/errata/RHSA-2018:2945
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:2945
13
reference_url https://access.redhat.com/errata/RHSA-2018:3768
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://access.redhat.com/errata/RHSA-2018:3768
14
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1336.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1336.json
15
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1336
reference_id
reference_type
scores
0
value 0.19427
scoring_system epss
scoring_elements 0.95503
published_at 2026-06-04T12:55:00Z
1
value 0.19427
scoring_system epss
scoring_elements 0.9551
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1336
16
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
17
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
18
reference_url https://github.com/apache/tomcat80/commit/9e9b7fe1b5732277a26e437f1d32155de6208ef2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/9e9b7fe1b5732277a26e437f1d32155de6208ef2
19
reference_url https://github.com/apache/tomcat/commit/156d76a6afeef440d14044a560d6ad1d029361c4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/156d76a6afeef440d14044a560d6ad1d029361c4
20
reference_url https://github.com/apache/tomcat/commit/92cd494555598e99dd691712e8ee426a2f9c2e93
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/92cd494555598e99dd691712e8ee426a2f9c2e93
21
reference_url https://github.com/apache/tomcat/commit/e00812b94e5830b2be3de04f4ae4ade38a700074
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e00812b94e5830b2be3de04f4ae4ade38a700074
22
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
54
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html
55
reference_url https://security.netapp.com/advisory/ntap-20180817-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180817-0001
56
reference_url https://security.netapp.com/advisory/ntap-20180817-0001/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://security.netapp.com/advisory/ntap-20180817-0001/
57
reference_url https://support.f5.com/csp/article/K73008537?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://support.f5.com/csp/article/K73008537?utm_source=f5support&amp%3Butm_medium=RSS
58
reference_url https://support.f5.com/csp/article/K73008537?utm_source=f5support&utm_medium=RSS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K73008537?utm_source=f5support&utm_medium=RSS
59
reference_url https://svn.apache.org/viewvc?view=rev&rev=1830373
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1830373
60
reference_url https://svn.apache.org/viewvc?view=rev&rev=1830374
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1830374
61
reference_url https://svn.apache.org/viewvc?view=rev&rev=1830375
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1830375
62
reference_url https://svn.apache.org/viewvc?view=rev&rev=1830376
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1830376
63
reference_url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.88
reference_id
reference_type
scores
url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.88
64
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53
reference_id
reference_type
scores
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53
65
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.31
reference_id
reference_type
scores
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.31
66
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.8
reference_id
reference_type
scores
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.8
67
reference_url https://usn.ubuntu.com/3723-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3723-1
68
reference_url https://usn.ubuntu.com/3723-1/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://usn.ubuntu.com/3723-1/
69
reference_url https://web.archive.org/web/20190703075545/http://www.securitytracker.com/id/1041375
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190703075545/http://www.securitytracker.com/id/1041375
70
reference_url https://web.archive.org/web/20200227102810/http://www.securityfocus.com/bid/104898
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227102810/http://www.securityfocus.com/bid/104898
71
reference_url https://www.debian.org/security/2018/dsa-4281
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://www.debian.org/security/2018/dsa-4281
72
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
73
reference_url http://www.securityfocus.com/bid/104898
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url http://www.securityfocus.com/bid/104898
74
reference_url http://www.securitytracker.com/id/1041375
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T19:28:51Z/
url http://www.securitytracker.com/id/1041375
75
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1607591
reference_id 1607591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1607591
76
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336
reference_id CVE-2018-1336
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336
77
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1336
reference_id CVE-2018-1336
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1336
78
reference_url https://github.com/advisories/GHSA-m59c-jpc8-m2x4
reference_id GHSA-m59c-jpc8-m2x4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m59c-jpc8-m2x4
79
reference_url https://usn.ubuntu.com/USN-4791-1/
reference_id USN-USN-4791-1
reference_type
scores
url https://usn.ubuntu.com/USN-4791-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.88
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.88
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-59dd-qzpt-aucm
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-nxb3-55eu-auhp
3
vulnerability VCID-webw-gryb-7ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.88
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.0.52
purl pkg:maven/org.apache.tomcat/tomcat-util@8.0.52
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.0.52
2
url pkg:maven/org.apache.tomcat/tomcat-util@8.5.31
purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kgu-zupu-tydw
1
vulnerability VCID-2qhv-x4j1-jqa7
2
vulnerability VCID-59dd-qzpt-aucm
3
vulnerability VCID-8xdc-3kn9-b3e6
4
vulnerability VCID-essq-6syu-6ygm
5
vulnerability VCID-nxb3-55eu-auhp
6
vulnerability VCID-urhs-6aus-syb1
7
vulnerability VCID-webw-gryb-7ucv
8
vulnerability VCID-xns8-63b5-guf2
9
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.31
3
url pkg:maven/org.apache.tomcat/tomcat-util@9.0.8
purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kgu-zupu-tydw
1
vulnerability VCID-2qhv-x4j1-jqa7
2
vulnerability VCID-59dd-qzpt-aucm
3
vulnerability VCID-8xdc-3kn9-b3e6
4
vulnerability VCID-essq-6syu-6ygm
5
vulnerability VCID-nxb3-55eu-auhp
6
vulnerability VCID-urhs-6aus-syb1
7
vulnerability VCID-webw-gryb-7ucv
8
vulnerability VCID-xns8-63b5-guf2
9
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.8
aliases CVE-2018-1336, GHSA-m59c-jpc8-m2x4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rtmv-qetu-yqfa
5
url VCID-webw-gryb-7ucv
vulnerability_id VCID-webw-gryb-7ucv
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
In Apache Tomcat M1 to to to the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
reference_id
reference_type
scores
0
value 0.01382
scoring_system epss
scoring_elements 0.80638
published_at 2026-06-04T12:55:00Z
1
value 0.01382
scoring_system epss
scoring_elements 0.80664
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
3
reference_url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
4
reference_url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
5
reference_url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
6
reference_url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
16
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
17
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
18
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
19
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
20
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
21
reference_url https://www.debian.org/security/2020/dsa-4673
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4673
22
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4680
23
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
24
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
25
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
reference_id 1806835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
29
reference_url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
reference_id GHSA-qxf4-chvg-4r8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
30
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
31
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
32
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
33
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
34
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
35
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
36
reference_url https://access.redhat.com/errata/RHSA-2020:5020
reference_id RHSA-2020:5020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5020
37
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
38
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
39
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat-util@7.0.100
purl pkg:maven/org.apache.tomcat/tomcat-util@7.0.100
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-essq-6syu-6ygm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.100
1
url pkg:maven/org.apache.tomcat/tomcat-util@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.51
2
url pkg:maven/org.apache.tomcat/tomcat-util@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2qhv-x4j1-jqa7
1
vulnerability VCID-essq-6syu-6ygm
2
vulnerability VCID-urhs-6aus-syb1
3
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.31
aliases CVE-2020-1935, GHSA-qxf4-chvg-4r8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-webw-gryb-7ucv
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@7.0.22