Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC5
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version8.0.0-RC5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.107
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-2sr7-c3j5-cfhg
vulnerability_id VCID-2sr7-c3j5-cfhg
summary java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0095.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0095.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0095
reference_id
reference_type
scores
0
value 0.09656
scoring_system epss
scoring_elements 0.92874
published_at 2026-04-01T12:55:00Z
1
value 0.09656
scoring_system epss
scoring_elements 0.92913
published_at 2026-04-18T12:55:00Z
2
value 0.09656
scoring_system epss
scoring_elements 0.92911
published_at 2026-04-16T12:55:00Z
3
value 0.09656
scoring_system epss
scoring_elements 0.929
published_at 2026-04-12T12:55:00Z
4
value 0.09656
scoring_system epss
scoring_elements 0.92901
published_at 2026-04-13T12:55:00Z
5
value 0.09656
scoring_system epss
scoring_elements 0.92897
published_at 2026-04-09T12:55:00Z
6
value 0.09656
scoring_system epss
scoring_elements 0.92892
published_at 2026-04-08T12:55:00Z
7
value 0.09656
scoring_system epss
scoring_elements 0.92884
published_at 2026-04-07T12:55:00Z
8
value 0.09656
scoring_system epss
scoring_elements 0.92886
published_at 2026-04-04T12:55:00Z
9
value 0.09656
scoring_system epss
scoring_elements 0.92882
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0095
2
reference_url http://seclists.org/fulldisclosure/2014/May/134
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/134
3
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
url http://secunia.com/advisories/59873
4
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
url http://secunia.com/advisories/60729
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat80/commit/77590c897f0e542fe363d70efdf3b82209510aee
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/77590c897f0e542fe363d70efdf3b82209510aee
7
reference_url https://github.com/apache/tomcat/commit/8884dae60ace77a87ed9385442ce429e98c3a479
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8884dae60ace77a87ed9385442ce429e98c3a479
8
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578392
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578392
9
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578392
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578392
10
reference_url https://web.archive.org/web/20140713043210/http://www.securitytracker.com/id/1030300
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140713043210/http://www.securitytracker.com/id/1030300
11
reference_url https://web.archive.org/web/20141126170141/http://www.securityfocus.com/bid/67673
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20141126170141/http://www.securityfocus.com/bid/67673
12
reference_url https://web.archive.org/web/20151017043748/http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151017043748/http://secunia.com/advisories/60729
13
reference_url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
14
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
15
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
16
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
17
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
18
reference_url http://www.securityfocus.com/bid/67673
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/67673
19
reference_url http://www.securitytracker.com/id/1030300
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1030300
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1103804
reference_id 1103804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1103804
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095
reference_id CVE-2014-0095
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0095
reference_id CVE-2014-0095
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0095
23
reference_url https://github.com/advisories/GHSA-wf5v-jhxj-q632
reference_id GHSA-wf5v-jhxj-q632
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wf5v-jhxj-q632
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.4
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.4
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-dzpn-w4b3-vbcm
2
vulnerability VCID-e7kd-kk57-mkd6
3
vulnerability VCID-fyfz-6tr5-2fc7
4
vulnerability VCID-hmbm-5ysw-77bu
5
vulnerability VCID-hves-r5bg-yfes
6
vulnerability VCID-ruuh-g3fa-m7d8
7
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
aliases CVE-2014-0095, GHSA-wf5v-jhxj-q632
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2sr7-c3j5-cfhg
1
url VCID-e7kd-kk57-mkd6
vulnerability_id VCID-e7kd-kk57-mkd6
summary A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.40547
published_at 2026-04-18T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40476
published_at 2026-04-01T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40556
published_at 2026-04-02T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40583
published_at 2026-04-04T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40505
published_at 2026-04-07T12:55:00Z
5
value 0.00187
scoring_system epss
scoring_elements 0.40555
published_at 2026-04-08T12:55:00Z
6
value 0.00187
scoring_system epss
scoring_elements 0.40566
published_at 2026-04-09T12:55:00Z
7
value 0.00187
scoring_system epss
scoring_elements 0.40586
published_at 2026-04-11T12:55:00Z
8
value 0.00187
scoring_system epss
scoring_elements 0.40549
published_at 2026-04-12T12:55:00Z
9
value 0.00187
scoring_system epss
scoring_elements 0.4053
published_at 2026-04-13T12:55:00Z
10
value 0.00187
scoring_system epss
scoring_elements 0.40578
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
3
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1172405
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1172405
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
reference_id 1852863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
reference_id CVE-2020-8022
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
11
reference_url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
reference_id GHSA-gc58-v8h3-x2gr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.53
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dzpn-w4b3-vbcm
1
vulnerability VCID-ruuh-g3fa-m7d8
2
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.53
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-a8gk-n8bq-87cp
2
vulnerability VCID-dy6m-zt6r-9ubd
3
vulnerability VCID-dzan-r49k-kqab
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-j6cj-ftyd-3ffa
6
vulnerability VCID-j8tk-s915-pbfy
7
vulnerability VCID-kwab-3s4q-eka4
8
vulnerability VCID-n3ab-nk7c-hqc9
9
vulnerability VCID-nmq2-8ysj-4fbc
10
vulnerability VCID-p8q2-pt96-5ye8
11
vulnerability VCID-qkx6-32cj-jfbp
12
vulnerability VCID-ran8-rnqn-tkbc
13
vulnerability VCID-t2ne-75ck-eqcr
14
vulnerability VCID-v7tp-1t4h-zqeg
15
vulnerability VCID-vsdf-4tfj-uybe
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
aliases CVE-2020-8022, GHSA-gc58-v8h3-x2gr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7kd-kk57-mkd6
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC5