Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@10.1.41
Typeapache
Namespace
Nametomcat
Version10.1.41
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.1.45
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-1fr1-b1h1-zqcz
vulnerability_id VCID-1fr1-b1h1-zqcz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48988.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48988
reference_id
reference_type
scores
0
value 0.00759
scoring_system epss
scoring_elements 0.73765
published_at 2026-06-11T12:55:00Z
1
value 0.00759
scoring_system epss
scoring_elements 0.73854
published_at 2026-06-14T12:55:00Z
2
value 0.00759
scoring_system epss
scoring_elements 0.73856
published_at 2026-06-13T12:55:00Z
3
value 0.00759
scoring_system epss
scoring_elements 0.7384
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48988
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2b0ab14fb55d4edc896e5f1817f2ab76f714ae5e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2b0ab14fb55d4edc896e5f1817f2ab76f714ae5e
5
reference_url https://github.com/apache/tomcat/commit/cdde8e655bc1c5c60a07efd216251d77c52fd7f6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cdde8e655bc1c5c60a07efd216251d77c52fd7f6
6
reference_url https://github.com/apache/tomcat/commit/ee8042ffce4cb9324dfd79efda5984f37bbb6910
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ee8042ffce4cb9324dfd79efda5984f37bbb6910
7
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48988
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48988
9
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
10
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
11
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
12
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/1
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108116
reference_id 1108116
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108116
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108117
reference_id 1108117
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108117
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373015
reference_id 2373015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373015
16
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
17
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988
reference_id CVE-2025-48988
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988
19
reference_url https://github.com/advisories/GHSA-h3gc-qfqq-6h8f
reference_id GHSA-h3gc-qfqq-6h8f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h3gc-qfqq-6h8f
20
reference_url https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18
reference_id nzkqsok8t42qofgqfmck536mtyzygp18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T18:20:54Z/
url https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18
21
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
22
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
23
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
24
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
25
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
26
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
27
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
28
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
29
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
30
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
31
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:apache/tomcat@10.1.42
purl pkg:apache/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42
1
url pkg:apache/tomcat@11.0.8
purl pkg:apache/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8
aliases CVE-2025-48988, GHSA-h3gc-qfqq-6h8f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fr1-b1h1-zqcz
1
url VCID-a463-td75-3bhf
vulnerability_id VCID-a463-td75-3bhf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49125.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49125.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49125
reference_id
reference_type
scores
0
value 0.00189
scoring_system epss
scoring_elements 0.40649
published_at 2026-06-11T12:55:00Z
1
value 0.00189
scoring_system epss
scoring_elements 0.40827
published_at 2026-06-14T12:55:00Z
2
value 0.00189
scoring_system epss
scoring_elements 0.4084
published_at 2026-06-13T12:55:00Z
3
value 0.00189
scoring_system epss
scoring_elements 0.40817
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49125
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7617b9c247bc77ed0444dd69adcd8aa48777886c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7617b9c247bc77ed0444dd69adcd8aa48777886c
5
reference_url https://github.com/apache/tomcat/commit/9418e3ff9f1f4c006b4661311ae9376c52d162b9
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9418e3ff9f1f4c006b4661311ae9376c52d162b9
6
reference_url https://github.com/apache/tomcat/commit/d94bd36fb7eb32e790dae0339bc249069649a637
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d94bd36fb7eb32e790dae0339bc249069649a637
7
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49125
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49125
9
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
10
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
11
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
12
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/2
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/2
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108114
reference_id 1108114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108114
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108115
reference_id 1108115
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108115
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373018
reference_id 2373018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373018
16
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
17
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125
reference_id CVE-2025-49125
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125
19
reference_url https://github.com/advisories/GHSA-wc4r-xq3c-5cf3
reference_id GHSA-wc4r-xq3c-5cf3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wc4r-xq3c-5cf3
20
reference_url https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
reference_id m66cytbfrty9k7dc4cg6tl1czhsnbywk
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:06:30Z/
url https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
21
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
22
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
23
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
24
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
25
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
26
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
27
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
28
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
29
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
30
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
31
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:apache/tomcat@10.1.42
purl pkg:apache/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42
1
url pkg:apache/tomcat@11.0.8
purl pkg:apache/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8
aliases CVE-2025-49125, GHSA-wc4r-xq3c-5cf3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a463-td75-3bhf
2
url VCID-d4m6-nran-5ydj
vulnerability_id VCID-d4m6-nran-5ydj
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55668
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16987
published_at 2026-06-12T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16973
published_at 2026-06-14T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16999
published_at 2026-06-13T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.1683
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55668
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6
5
reference_url https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21
6
reference_url https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55668
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55668
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2025/08/13/3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/08/13/3
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098
reference_id 1111098
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099
reference_id 1111099
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2388226
reference_id 2388226
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2388226
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668
reference_id CVE-2025-55668
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668
16
reference_url https://github.com/advisories/GHSA-23hv-mwm6-g8jf
reference_id GHSA-23hv-mwm6-g8jf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23hv-mwm6-g8jf
17
reference_url https://access.redhat.com/errata/RHSA-2026:18536
reference_id RHSA-2026:18536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18536
18
reference_url https://access.redhat.com/errata/RHSA-2026:18537
reference_id RHSA-2026:18537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18537
19
reference_url https://access.redhat.com/errata/RHSA-2026:18916
reference_id RHSA-2026:18916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18916
20
reference_url https://access.redhat.com/errata/RHSA-2026:2740
reference_id RHSA-2026:2740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2740
21
reference_url https://access.redhat.com/errata/RHSA-2026:2741
reference_id RHSA-2026:2741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2741
22
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
23
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
24
reference_url https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47
reference_id v6bknr96rl7l1qxkl1c03v0qdvbbqs47
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:38:12Z/
url https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47
fixed_packages
0
url pkg:apache/tomcat@10.1.42
purl pkg:apache/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42
1
url pkg:apache/tomcat@11.0.8
purl pkg:apache/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8
aliases CVE-2025-55668, GHSA-23hv-mwm6-g8jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4m6-nran-5ydj
3
url VCID-dyrd-71bh-v7fs
vulnerability_id VCID-dyrd-71bh-v7fs
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49124
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38914
published_at 2026-06-12T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38928
published_at 2026-06-14T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38937
published_at 2026-06-13T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38742
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49124
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/28726cc2e63bed68771f5eb0f65a78dc7080571823
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/28726cc2e63bed68771f5eb0f65a78dc7080571823
4
reference_url https://github.com/apache/tomcat/commit/c56456cda8151c9504dfb7985700824559d769a7
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c56456cda8151c9504dfb7985700824559d769a7
5
reference_url https://github.com/apache/tomcat/commit/e0e07812224d327a321babb554f5a5758d30cc49
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e0e07812224d327a321babb554f5a5758d30cc49
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49124
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49124
7
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.42
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.42
8
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.8
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.8
9
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.106
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.106
10
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/3
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/3
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49124
reference_id CVE-2025-49124
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49124
12
reference_url https://github.com/advisories/GHSA-42wg-hm62-jcwg
reference_id GHSA-42wg-hm62-jcwg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42wg-hm62-jcwg
13
reference_url https://lists.apache.org/thread/lnow7tt2j6hb9kcpkggx32ht6o90vqzv
reference_id lnow7tt2j6hb9kcpkggx32ht6o90vqzv
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:03:41Z/
url https://lists.apache.org/thread/lnow7tt2j6hb9kcpkggx32ht6o90vqzv
fixed_packages
0
url pkg:apache/tomcat@10.1.42
purl pkg:apache/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42
1
url pkg:apache/tomcat@11.0.8
purl pkg:apache/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8
aliases CVE-2025-49124, GHSA-42wg-hm62-jcwg
risk_score 3.8
exploitability 0.5
weighted_severity 7.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dyrd-71bh-v7fs
4
url VCID-q4zv-r7va-nfc3
vulnerability_id VCID-q4zv-r7va-nfc3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48976
reference_id
reference_type
scores
0
value 0.01278
scoring_system epss
scoring_elements 0.79976
published_at 2026-06-11T12:55:00Z
1
value 0.01278
scoring_system epss
scoring_elements 0.80049
published_at 2026-06-14T12:55:00Z
2
value 0.01278
scoring_system epss
scoring_elements 0.80057
published_at 2026-06-13T12:55:00Z
3
value 0.01278
scoring_system epss
scoring_elements 0.80039
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48976
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/commons-fileupload
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload
4
reference_url https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b
5
reference_url https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497
6
reference_url https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86
7
reference_url https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7
8
reference_url https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93
9
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
10
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48976
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48976
12
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/4
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/4
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118
reference_id 1108118
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119
reference_id 1108119
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120
reference_id 1108120
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373020
reference_id 2373020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373020
17
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
18
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976
reference_id CVE-2025-48976
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976
20
reference_url https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12
reference_id fbs3wrr3p67vkjcxogqqqqz45pqtso12
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:04:56Z/
url https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12
21
reference_url https://github.com/advisories/GHSA-vv7r-c36w-3prj
reference_id GHSA-vv7r-c36w-3prj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vv7r-c36w-3prj
22
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
23
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
24
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
25
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
26
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
27
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
28
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
29
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
30
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
31
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
32
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:apache/tomcat@10.1.42
purl pkg:apache/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42
1
url pkg:apache/tomcat@11.0.8
purl pkg:apache/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4md2-vchu-3bgx
1
vulnerability VCID-vwn1-fgjk-p7bz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8
aliases CVE-2025-48976, GHSA-vv7r-c36w-3prj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4zv-r7va-nfc3
Fixing_vulnerabilities
0
url VCID-xvbv-9ztw-mfcn
vulnerability_id VCID-xvbv-9ztw-mfcn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46701.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-46701
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.3228
published_at 2026-06-11T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.3246
published_at 2026-06-14T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32483
published_at 2026-06-13T12:55:00Z
3
value 0.00132
scoring_system epss
scoring_elements 0.32463
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-46701
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a
5
reference_url https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558
6
reference_url https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5
7
reference_url https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605
8
reference_url https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74
9
reference_url https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2
10
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-46701
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-46701
12
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41
13
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7
14
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105
15
reference_url http://www.openwall.com/lists/oss-security/2025/05/29/4
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/05/29/4
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106820
reference_id 1106820
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106820
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106821
reference_id 1106821
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106821
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2369253
reference_id 2369253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2369253
19
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
20
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46701
reference_id CVE-2025-46701
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46701
22
reference_url https://github.com/advisories/GHSA-h2fw-rfh5-95r3
reference_id GHSA-h2fw-rfh5-95r3
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h2fw-rfh5-95r3
23
reference_url https://access.redhat.com/errata/RHSA-2026:18536
reference_id RHSA-2026:18536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18536
24
reference_url https://access.redhat.com/errata/RHSA-2026:18537
reference_id RHSA-2026:18537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18537
25
reference_url https://access.redhat.com/errata/RHSA-2026:18916
reference_id RHSA-2026:18916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18916
26
reference_url https://access.redhat.com/errata/RHSA-2026:2740
reference_id RHSA-2026:2740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2740
27
reference_url https://access.redhat.com/errata/RHSA-2026:2741
reference_id RHSA-2026:2741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2741
28
reference_url https://usn.ubuntu.com/7705-1/
reference_id USN-7705-1
reference_type
scores
url https://usn.ubuntu.com/7705-1/
29
reference_url https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
reference_id xhqqk9w5q45srcdqhogdk04lhdscv30j
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T14:58:21Z/
url https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
fixed_packages
0
url pkg:apache/tomcat@9.0.105
purl pkg:apache/tomcat@9.0.105
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fr1-b1h1-zqcz
1
vulnerability VCID-a463-td75-3bhf
2
vulnerability VCID-d4m6-nran-5ydj
3
vulnerability VCID-dyrd-71bh-v7fs
4
vulnerability VCID-q4zv-r7va-nfc3
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.105
1
url pkg:apache/tomcat@10.1.41
purl pkg:apache/tomcat@10.1.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fr1-b1h1-zqcz
1
vulnerability VCID-a463-td75-3bhf
2
vulnerability VCID-d4m6-nran-5ydj
3
vulnerability VCID-dyrd-71bh-v7fs
4
vulnerability VCID-q4zv-r7va-nfc3
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.41
2
url pkg:apache/tomcat@11.0.7
purl pkg:apache/tomcat@11.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fr1-b1h1-zqcz
1
vulnerability VCID-a463-td75-3bhf
2
vulnerability VCID-d4m6-nran-5ydj
3
vulnerability VCID-dyrd-71bh-v7fs
4
vulnerability VCID-q4zv-r7va-nfc3
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.7
aliases CVE-2025-46701, GHSA-h2fw-rfh5-95r3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xvbv-9ztw-mfcn
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.41