Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:maven/org.apache.tomcat/tomcat@10.1.5
Type
maven
Namespace
org.apache.tomcat
Name
tomcat
Version
10.1.5
Qualifiers
Subpath
Is_vulnerable
true
Next_non_vulnerable_version
10.1.6
Latest_non_vulnerable_version
11.0.22
Affected_by_vulnerabilities
0
url
VCID-64r1-zcg6-qfb8
vulnerability_id
VCID-64r1-zcg6-qfb8
summary
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2023-28708
reference_id
reference_type
scores
0
value
0.0011
scoring_system
epss
scoring_elements
0.29009
published_at
2026-05-30T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2023-28708
1
reference_url
https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
reference_id
reference_type
scores
url
https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
2
reference_url
https://github.com/apache/tomcat
reference_id
reference_type
scores
url
https://github.com/apache/tomcat
3
reference_url
https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
4
reference_url
https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
5
reference_url
https://github.com/apache/tomcat/commit/c64d496dda1560b5df113be55fbfaefec349b50f
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/c64d496dda1560b5df113be55fbfaefec349b50f
6
reference_url
https://github.com/apache/tomcat/commit/f509bbf31fc00abe3d9f25ebfabca5e05173da5b
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/f509bbf31fc00abe3d9f25ebfabca5e05173da5b
7
reference_url
https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
reference_id
reference_type
scores
url
https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
8
reference_url
https://security.netapp.com/advisory/ntap-20230331-0012
reference_id
reference_type
scores
url
https://security.netapp.com/advisory/ntap-20230331-0012
9
reference_url
https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-10.html
10
reference_url
https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-11.html
11
reference_url
https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-8.html
12
reference_url
https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-9.html
13
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28708
reference_id
CVE-2023-28708
reference_type
scores
0
value
Important
scoring_system
apache_tomcat
scoring_elements
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28708
14
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2023-28708
reference_id
CVE-2023-28708
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2023-28708
15
reference_url
https://github.com/advisories/GHSA-2c9m-w27f-53rm
reference_id
GHSA-2c9m-w27f-53rm
reference_type
scores
url
https://github.com/advisories/GHSA-2c9m-w27f-53rm
fixed_packages
0
url
pkg:maven/org.apache.tomcat/tomcat@10.1.6
purl
pkg:maven/org.apache.tomcat/tomcat@10.1.6
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.6
1
url
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
purl
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
aliases
CVE-2023-28708, GHSA-2c9m-w27f-53rm
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-64r1-zcg6-qfb8
1
url
VCID-gted-g7jd-nqcf
vulnerability_id
VCID-gted-g7jd-nqcf
summary
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2023-28709
reference_id
reference_type
scores
0
value
0.00516
scoring_system
epss
scoring_elements
0.66992
published_at
2026-05-30T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2023-28709
1
reference_url
https://github.com/apache/tomcat/commit/5badf94e79e5de206fc0ef3054fd536b1bb787cd
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/5badf94e79e5de206fc0ef3054fd536b1bb787cd
2
reference_url
https://github.com/apache/tomcat/commit/ba848da71c523d94950d3c53c19ea155189df9dc
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/ba848da71c523d94950d3c53c19ea155189df9dc
3
reference_url
https://github.com/apache/tomcat/commit/d53d8e7f77042cc32a3b98f589496a1ef5088e38
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/d53d8e7f77042cc32a3b98f589496a1ef5088e38
4
reference_url
https://github.com/apache/tomcat/commit/fbd81421629afe8b8a3922d59020cde81caea861
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/fbd81421629afe8b8a3922d59020cde81caea861
5
reference_url
https://lists.apache.org/thread/7wvxonzwb7k9hx9jt3q33cmy7j97jo3j
reference_id
reference_type
scores
url
https://lists.apache.org/thread/7wvxonzwb7k9hx9jt3q33cmy7j97jo3j
6
reference_url
http://www.openwall.com/lists/oss-security/2023/05/22/1
reference_id
reference_type
scores
url
http://www.openwall.com/lists/oss-security/2023/05/22/1
7
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28709
reference_id
CVE-2023-28709
reference_type
scores
0
value
Moderate
scoring_system
apache_tomcat
scoring_elements
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28709
8
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2023-28709
reference_id
CVE-2023-28709
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2023-28709
fixed_packages
0
url
pkg:maven/org.apache.tomcat/tomcat@10.1.8
purl
pkg:maven/org.apache.tomcat/tomcat@10.1.8
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-bapg-6hhe-nfhj
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.8
1
url
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M5
purl
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M5
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M5
aliases
CVE-2023-28709
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-gted-g7jd-nqcf
Fixing_vulnerabilities
0
url
VCID-j4ut-s3e4-qqh7
vulnerability_id
VCID-j4ut-s3e4-qqh7
summary
denial of service
references
0
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2023-24998
reference_id
reference_type
scores
0
value
0.339
scoring_system
epss
scoring_elements
0.97041
published_at
2026-05-30T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2023-24998
1
reference_url
https://commons.apache.org/proper/commons-fileupload/security-reports.html
reference_id
reference_type
scores
url
https://commons.apache.org/proper/commons-fileupload/security-reports.html
2
reference_url
https://github.com/apache/commons-fileupload
reference_id
reference_type
scores
url
https://github.com/apache/commons-fileupload
3
reference_url
https://github.com/apache/commons-fileupload/commit/e20c04990f7420ca917e96a84cec58b13a1b3d17
reference_id
reference_type
scores
url
https://github.com/apache/commons-fileupload/commit/e20c04990f7420ca917e96a84cec58b13a1b3d17
4
reference_url
https://github.com/apache/tomcat/commit/063e2e81ede50c287f737cc8e2915ce7217e886e
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/063e2e81ede50c287f737cc8e2915ce7217e886e
5
reference_url
https://github.com/apache/tomcat/commit/8a2285f13affa961cc65595aad999db5efae45ce
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/8a2285f13affa961cc65595aad999db5efae45ce
6
reference_url
https://github.com/apache/tomcat/commit/9ca96c8c1eba86c0aaa2e6be581ba2a7d4d4ae6e
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/9ca96c8c1eba86c0aaa2e6be581ba2a7d4d4ae6e
7
reference_url
https://github.com/apache/tomcat/commit/cf77cc545de0488fb89e24294151504a7432df74
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/cf77cc545de0488fb89e24294151504a7432df74
8
reference_url
https://github.com/apache/tomcat/commit/d53d8e7f77042cc32a3b98f589496a1ef5088e38
reference_id
reference_type
scores
url
https://github.com/apache/tomcat/commit/d53d8e7f77042cc32a3b98f589496a1ef5088e38
9
reference_url
https://github.com/search?q=repo%3Aapache%2Ftomcat+util.http+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code
reference_id
reference_type
scores
url
https://github.com/search?q=repo%3Aapache%2Ftomcat+util.http+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code
10
reference_url
https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
reference_id
reference_type
scores
url
https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
11
reference_url
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
reference_id
reference_type
scores
url
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
12
reference_url
https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
reference_id
reference_type
scores
url
https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
13
reference_url
https://security.gentoo.org/glsa/202305-37
reference_id
reference_type
scores
url
https://security.gentoo.org/glsa/202305-37
14
reference_url
https://security.netapp.com/advisory/ntap-20230302-0013
reference_id
reference_type
scores
url
https://security.netapp.com/advisory/ntap-20230302-0013
15
reference_url
https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
url
https://security.netapp.com/advisory/ntap-20241108-0002
16
reference_url
https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-10.html
17
reference_url
https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-11.html
18
reference_url
https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-8.html
19
reference_url
https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
url
https://tomcat.apache.org/security-9.html
20
reference_url
https://www.debian.org/security/2023/dsa-5522
reference_id
reference_type
scores
url
https://www.debian.org/security/2023/dsa-5522
21
reference_url
https://security.archlinux.org/AVG-2829
reference_id
AVG-2829
reference_type
scores
0
value
Medium
scoring_system
archlinux
scoring_elements
url
https://security.archlinux.org/AVG-2829
22
reference_url
https://security.archlinux.org/AVG-2830
reference_id
AVG-2830
reference_type
scores
0
value
Medium
scoring_system
archlinux
scoring_elements
url
https://security.archlinux.org/AVG-2830
23
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24998
reference_id
CVE-2023-24998
reference_type
scores
0
value
Important
scoring_system
apache_tomcat
scoring_elements
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24998
24
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2023-24998
reference_id
CVE-2023-24998
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2023-24998
25
reference_url
https://github.com/advisories/GHSA-hfrx-6qgj-fp6c
reference_id
GHSA-hfrx-6qgj-fp6c
reference_type
scores
url
https://github.com/advisories/GHSA-hfrx-6qgj-fp6c
fixed_packages
0
url
pkg:maven/org.apache.tomcat/tomcat@8.5.85
purl
pkg:maven/org.apache.tomcat/tomcat@8.5.85
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-64r1-zcg6-qfb8
1
vulnerability
VCID-fg3s-97t1-dfeg
2
vulnerability
VCID-gted-g7jd-nqcf
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.85
1
url
pkg:maven/org.apache.tomcat/tomcat@9.0.71
purl
pkg:maven/org.apache.tomcat/tomcat@9.0.71
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-64r1-zcg6-qfb8
1
vulnerability
VCID-gted-g7jd-nqcf
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.71
2
url
pkg:maven/org.apache.tomcat/tomcat@10.1.5
purl
pkg:maven/org.apache.tomcat/tomcat@10.1.5
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-64r1-zcg6-qfb8
1
vulnerability
VCID-gted-g7jd-nqcf
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.5
3
url
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
purl
pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M3
aliases
CVE-2023-24998, GHSA-hfrx-6qgj-fp6c
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-j4ut-s3e4-qqh7
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.5
×
Create
None
×
Edit
None