Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tomcat/tomcat@9.0.83

Type maven

Namespace org.apache.tomcat

Name tomcat

Version 9.0.83

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 9.0.86

Latest_non_vulnerable_version 11.0.22

Affected_by_vulnerabilities

url VCID-71uq-hgqp-b3a1

vulnerability_id VCID-71uq-hgqp-b3a1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24734.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24734.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-24734

reference_id

reference_type

scores

value	0.00091
scoring_system	epss
scoring_elements	0.25698
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-24734

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-21T21:16:49Z/

url

https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2440426
reference_id	2440426
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2440426

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24734

reference_id

CVE-2026-24734

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24734

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-24734

reference_id

CVE-2026-24734

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-24734

reference_url

https://github.com/advisories/GHSA-mgp5-rv84-w37q

reference_id

GHSA-mgp5-rv84-w37q

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mgp5-rv84-w37q

reference_url	https://access.redhat.com/errata/RHSA-2026:19054
reference_id	RHSA-2026:19054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19054

reference_url	https://access.redhat.com/errata/RHSA-2026:5611
reference_id	RHSA-2026:5611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5611

reference_url	https://access.redhat.com/errata/RHSA-2026:5612
reference_id	RHSA-2026:5612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5612

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.115

purl pkg:maven/org.apache.tomcat/tomcat@9.0.115

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.115

url pkg:maven/org.apache.tomcat/tomcat@10.1.52

purl pkg:maven/org.apache.tomcat/tomcat@10.1.52

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.52

url pkg:maven/org.apache.tomcat/tomcat@11.0.18

purl pkg:maven/org.apache.tomcat/tomcat@11.0.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.18

aliases CVE-2026-24734, GHSA-mgp5-rv84-w37q

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71uq-hgqp-b3a1

url VCID-ek4k-3m72-qqbf

vulnerability_id VCID-ek4k-3m72-qqbf

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-29145

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11909
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-29145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b

reference_url

https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b

reference_url

https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90

reference_url

https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:10:50Z/

url

https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-29145

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-29145

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_url

http://www.openwall.com/lists/oss-security/2026/04/09/23

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/09/23

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id	1133356
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id	1133357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457037
reference_id	2457037
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457037

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145

reference_id

CVE-2026-29145

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145

reference_url

https://github.com/advisories/GHSA-95jq-rwvf-vjx4

reference_id

GHSA-95jq-rwvf-vjx4

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-95jq-rwvf-vjx4

reference_url	https://access.redhat.com/errata/RHSA-2026:20405
reference_id	RHSA-2026:20405
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20405

reference_url	https://access.redhat.com/errata/RHSA-2026:20406
reference_id	RHSA-2026:20406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20406

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-aug4-yyp5-37f8

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116

url pkg:maven/org.apache.tomcat/tomcat@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-aug4-yyp5-37f8

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-aug4-yyp5-37f8

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2026-29145, GHSA-95jq-rwvf-vjx4

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ek4k-3m72-qqbf

Fixing_vulnerabilities

url VCID-ryjx-b2fp-5bbc

vulnerability_id VCID-ryjx-b2fp-5bbc

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46589

reference_id

reference_type

scores

value	0.53735
scoring_system	epss
scoring_elements	0.9804
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46589

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b

reference_url

https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd

reference_url

https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642

reference_url

https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08

reference_url

https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/

url

https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html

reference_url

https://security.netapp.com/advisory/ntap-20231214-0009

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231214-0009

reference_url

https://tomcat.apache.org/security-10.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html

reference_url

https://tomcat.apache.org/security-11.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html

reference_url

https://tomcat.apache.org/security-8.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-8.html

reference_url

https://tomcat.apache.org/security-9.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html

reference_url

https://www.openwall.com/lists/oss-security/2023/11/28/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/

url

https://www.openwall.com/lists/oss-security/2023/11/28/2

reference_url

http://www.openwall.com/lists/oss-security/2023/11/28/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2023/11/28/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082
reference_id	1057082
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2252050
reference_id	2252050
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2252050

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589

reference_id

CVE-2023-46589

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-46589

reference_id

CVE-2023-46589

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-46589

reference_url

https://github.com/advisories/GHSA-fccv-jmmp-qg76

reference_id

GHSA-fccv-jmmp-qg76

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fccv-jmmp-qg76

reference_url	https://access.redhat.com/errata/RHSA-2024:0532
reference_id	RHSA-2024:0532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0532

reference_url	https://access.redhat.com/errata/RHSA-2024:0539
reference_id	RHSA-2024:0539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0539

reference_url	https://access.redhat.com/errata/RHSA-2024:1092
reference_id	RHSA-2024:1092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1092

reference_url	https://access.redhat.com/errata/RHSA-2024:1134
reference_id	RHSA-2024:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1134

reference_url	https://access.redhat.com/errata/RHSA-2024:1318
reference_id	RHSA-2024:1318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1318

reference_url	https://access.redhat.com/errata/RHSA-2024:1319
reference_id	RHSA-2024:1319
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1319

reference_url	https://access.redhat.com/errata/RHSA-2024:1324
reference_id	RHSA-2024:1324
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1324

reference_url	https://access.redhat.com/errata/RHSA-2024:1325
reference_id	RHSA-2024:1325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1325

reference_url	https://usn.ubuntu.com/7032-1/
reference_id	USN-7032-1
reference_type
scores
url	https://usn.ubuntu.com/7032-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@8.5.96

purl pkg:maven/org.apache.tomcat/tomcat@8.5.96

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zpvv-4hjw-g3bt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.96

url pkg:maven/org.apache.tomcat/tomcat@9.0.83

purl pkg:maven/org.apache.tomcat/tomcat@9.0.83

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-ek4k-3m72-qqbf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.83

url	pkg:maven/org.apache.tomcat/tomcat@10.1.16
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.16

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35fm-apgj-jqd3

vulnerability	VCID-g9rk-me3p-1fey

vulnerability	VCID-hdnj-g415-2bbw

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

aliases CVE-2023-46589, GHSA-fccv-jmmp-qg76

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ryjx-b2fp-5bbc

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.83

Package Instance