Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@9.0.106
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version9.0.106
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.110
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-hgbg-akgm-pbfj
vulnerability_id VCID-hgbg-akgm-pbfj
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52434.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52434
reference_id
reference_type
scores
0
value 0.01205
scoring_system epss
scoring_elements 0.7926
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52434
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/8a83c3c42d20762782678932c14005cd3397a018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8a83c3c42d20762782678932c14005cd3397a018
5
reference_url https://lists.apache.org/thread/gxgh65004f25y8519coth6w7vchww030
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-11T14:02:46Z/
url https://lists.apache.org/thread/gxgh65004f25y8519coth6w7vchww030
6
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-52434
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-52434
8
reference_url http://www.openwall.com/lists/oss-security/2025/07/10/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/07/10/11
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379382
reference_id 2379382
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379382
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52434
reference_id CVE-2025-52434
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52434
11
reference_url https://github.com/advisories/GHSA-4j3c-42xv-3f84
reference_id GHSA-4j3c-42xv-3f84
reference_type
scores
url https://github.com/advisories/GHSA-4j3c-42xv-3f84
12
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
13
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
14
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
15
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
16
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
17
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
18
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
19
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.107
purl pkg:maven/org.apache.tomcat/tomcat@9.0.107
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.107
aliases CVE-2025-52434, GHSA-4j3c-42xv-3f84
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgbg-akgm-pbfj
1
url VCID-p7x2-ejss-ffd1
vulnerability_id VCID-p7x2-ejss-ffd1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53506.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53506.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-53506
reference_id
reference_type
scores
0
value 0.01247
scoring_system epss
scoring_elements 0.79619
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-53506
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb
5
reference_url https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b
6
reference_url https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b
7
reference_url https://lists.apache.org/thread/p09775q0rd185m6zz98krg0fp45j8kr0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-11T13:46:01Z/
url https://lists.apache.org/thread/p09775q0rd185m6zz98krg0fp45j8kr0
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-53506
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-53506
10
reference_url http://www.openwall.com/lists/oss-security/2025/07/10/13
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/07/10/13
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109113
reference_id 1109113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109113
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109114
reference_id 1109114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109114
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379386
reference_id 2379386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379386
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506
reference_id CVE-2025-53506
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506
15
reference_url https://github.com/advisories/GHSA-25xr-qj8w-c4vf
reference_id GHSA-25xr-qj8w-c4vf
reference_type
scores
url https://github.com/advisories/GHSA-25xr-qj8w-c4vf
16
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
17
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
18
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
19
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
20
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
21
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
22
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
23
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
24
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
25
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
26
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.107
purl pkg:maven/org.apache.tomcat/tomcat@9.0.107
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.107
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.43
purl pkg:maven/org.apache.tomcat/tomcat@10.1.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.43
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.9
purl pkg:maven/org.apache.tomcat/tomcat@11.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.9
aliases CVE-2025-53506, GHSA-25xr-qj8w-c4vf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7x2-ejss-ffd1
2
url VCID-s6p4-xq69-6fb4
vulnerability_id VCID-s6p4-xq69-6fb4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52520.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52520.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52520
reference_id
reference_type
scores
0
value 0.00683
scoring_system epss
scoring_elements 0.71984
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52520
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/927d66fbc294cb65242102b817a45fd80834e040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/927d66fbc294cb65242102b817a45fd80834e040
5
reference_url https://github.com/apache/tomcat/commit/a51e4bedccfafd35b7cdd0ee3e22267dee9f90db
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a51e4bedccfafd35b7cdd0ee3e22267dee9f90db
6
reference_url https://github.com/apache/tomcat/commit/fc42bbccb9041fafd194fbfdf3eab1d44cb5c45c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fc42bbccb9041fafd194fbfdf3eab1d44cb5c45c
7
reference_url https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-11T14:08:03Z/
url https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-52520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-52520
10
reference_url http://www.openwall.com/lists/oss-security/2025/07/10/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/07/10/12
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109111
reference_id 1109111
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109111
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109112
reference_id 1109112
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109112
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379374
reference_id 2379374
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379374
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520
reference_id CVE-2025-52520
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520
15
reference_url https://github.com/advisories/GHSA-wr62-c79q-cv37
reference_id GHSA-wr62-c79q-cv37
reference_type
scores
url https://github.com/advisories/GHSA-wr62-c79q-cv37
16
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
17
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
18
reference_url https://access.redhat.com/errata/RHSA-2025:13685
reference_id RHSA-2025:13685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13685
19
reference_url https://access.redhat.com/errata/RHSA-2025:13686
reference_id RHSA-2025:13686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13686
20
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
21
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
22
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
23
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
24
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
25
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
26
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.107
purl pkg:maven/org.apache.tomcat/tomcat@9.0.107
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.107
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.43
purl pkg:maven/org.apache.tomcat/tomcat@10.1.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.43
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.9
purl pkg:maven/org.apache.tomcat/tomcat@11.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-61p6-f9vu-7fca
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.9
aliases CVE-2025-52520, GHSA-wr62-c79q-cv37
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s6p4-xq69-6fb4
Fixing_vulnerabilities
0
url VCID-9w58-wv96-dfhb
vulnerability_id VCID-9w58-wv96-dfhb
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55668
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05486
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55668
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6
5
reference_url https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21
6
reference_url https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95
7
reference_url https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:38:12Z/
url https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55668
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55668
9
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
10
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
11
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
12
reference_url http://www.openwall.com/lists/oss-security/2025/08/13/3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/08/13/3
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098
reference_id 1111098
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099
reference_id 1111099
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2388226
reference_id 2388226
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2388226
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668
reference_id CVE-2025-55668
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668
17
reference_url https://github.com/advisories/GHSA-23hv-mwm6-g8jf
reference_id GHSA-23hv-mwm6-g8jf
reference_type
scores
url https://github.com/advisories/GHSA-23hv-mwm6-g8jf
18
reference_url https://access.redhat.com/errata/RHSA-2026:18536
reference_id RHSA-2026:18536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18536
19
reference_url https://access.redhat.com/errata/RHSA-2026:18537
reference_id RHSA-2026:18537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18537
20
reference_url https://access.redhat.com/errata/RHSA-2026:18916
reference_id RHSA-2026:18916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18916
21
reference_url https://access.redhat.com/errata/RHSA-2026:2740
reference_id RHSA-2026:2740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2740
22
reference_url https://access.redhat.com/errata/RHSA-2026:2741
reference_id RHSA-2026:2741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2741
23
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
24
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.106
purl pkg:maven/org.apache.tomcat/tomcat@9.0.106
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hgbg-akgm-pbfj
1
vulnerability VCID-p7x2-ejss-ffd1
2
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.42
purl pkg:maven/org.apache.tomcat/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.8
purl pkg:maven/org.apache.tomcat/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8
aliases CVE-2025-55668, GHSA-23hv-mwm6-g8jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9w58-wv96-dfhb
1
url VCID-b4g7-nvey-5bh3
vulnerability_id VCID-b4g7-nvey-5bh3
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49124
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38661
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49124
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/28726cc2e63bed68771f5eb0f65a78dc7080571823
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/28726cc2e63bed68771f5eb0f65a78dc7080571823
4
reference_url https://github.com/apache/tomcat/commit/c56456cda8151c9504dfb7985700824559d769a7
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c56456cda8151c9504dfb7985700824559d769a7
5
reference_url https://github.com/apache/tomcat/commit/e0e07812224d327a321babb554f5a5758d30cc49
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e0e07812224d327a321babb554f5a5758d30cc49
6
reference_url https://lists.apache.org/thread/lnow7tt2j6hb9kcpkggx32ht6o90vqzv
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T14:03:41Z/
url https://lists.apache.org/thread/lnow7tt2j6hb9kcpkggx32ht6o90vqzv
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49124
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49124
8
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.42
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.42
9
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.8
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.8
10
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.106
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.106
11
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/3
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/3
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49124
reference_id CVE-2025-49124
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49124
13
reference_url https://github.com/advisories/GHSA-42wg-hm62-jcwg
reference_id GHSA-42wg-hm62-jcwg
reference_type
scores
url https://github.com/advisories/GHSA-42wg-hm62-jcwg
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.106
purl pkg:maven/org.apache.tomcat/tomcat@9.0.106
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hgbg-akgm-pbfj
1
vulnerability VCID-p7x2-ejss-ffd1
2
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.42
purl pkg:maven/org.apache.tomcat/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.8
purl pkg:maven/org.apache.tomcat/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8
aliases CVE-2025-49124, GHSA-42wg-hm62-jcwg
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4g7-nvey-5bh3
2
url VCID-eehy-pgzv-vudx
vulnerability_id VCID-eehy-pgzv-vudx
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48976
reference_id
reference_type
scores
0
value 0.01278
scoring_system epss
scoring_elements 0.79876
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48976
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/commons-fileupload
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload
4
reference_url https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b
5
reference_url https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497
6
reference_url https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86
7
reference_url https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7
8
reference_url https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93
9
reference_url https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:04:56Z/
url https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12
10
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html
11
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48976
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48976
13
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/4
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/4
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118
reference_id 1108118
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119
reference_id 1108119
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120
reference_id 1108120
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373020
reference_id 2373020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373020
18
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
19
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976
reference_id CVE-2025-48976
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976
21
reference_url https://github.com/advisories/GHSA-vv7r-c36w-3prj
reference_id GHSA-vv7r-c36w-3prj
reference_type
scores
url https://github.com/advisories/GHSA-vv7r-c36w-3prj
22
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
23
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
24
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
25
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
26
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
27
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
28
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
29
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
30
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
31
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
32
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.106
purl pkg:maven/org.apache.tomcat/tomcat@9.0.106
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hgbg-akgm-pbfj
1
vulnerability VCID-p7x2-ejss-ffd1
2
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.42
purl pkg:maven/org.apache.tomcat/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.8
purl pkg:maven/org.apache.tomcat/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8
aliases CVE-2025-48976, GHSA-vv7r-c36w-3prj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eehy-pgzv-vudx
3
url VCID-ffqg-mkqf-xqgh
vulnerability_id VCID-ffqg-mkqf-xqgh
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48988.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48988
reference_id
reference_type
scores
0
value 0.00759
scoring_system epss
scoring_elements 0.73624
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48988
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2b0ab14fb55d4edc896e5f1817f2ab76f714ae5e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2b0ab14fb55d4edc896e5f1817f2ab76f714ae5e
5
reference_url https://github.com/apache/tomcat/commit/cdde8e655bc1c5c60a07efd216251d77c52fd7f6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cdde8e655bc1c5c60a07efd216251d77c52fd7f6
6
reference_url https://github.com/apache/tomcat/commit/ee8042ffce4cb9324dfd79efda5984f37bbb6910
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ee8042ffce4cb9324dfd79efda5984f37bbb6910
7
reference_url https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T18:20:54Z/
url https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48988
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48988
10
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
11
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
12
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
13
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/1
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108116
reference_id 1108116
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108116
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108117
reference_id 1108117
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108117
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373015
reference_id 2373015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373015
17
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
18
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988
reference_id CVE-2025-48988
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988
20
reference_url https://github.com/advisories/GHSA-h3gc-qfqq-6h8f
reference_id GHSA-h3gc-qfqq-6h8f
reference_type
scores
url https://github.com/advisories/GHSA-h3gc-qfqq-6h8f
21
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
22
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
23
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
24
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
25
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
26
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
27
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
28
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
29
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
30
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
31
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.106
purl pkg:maven/org.apache.tomcat/tomcat@9.0.106
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hgbg-akgm-pbfj
1
vulnerability VCID-p7x2-ejss-ffd1
2
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.42
purl pkg:maven/org.apache.tomcat/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.8
purl pkg:maven/org.apache.tomcat/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8
aliases CVE-2025-48988, GHSA-h3gc-qfqq-6h8f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffqg-mkqf-xqgh
4
url VCID-y5je-ud4g-ufdc
vulnerability_id VCID-y5je-ud4g-ufdc
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49125.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49125.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49125
reference_id
reference_type
scores
0
value 0.00189
scoring_system epss
scoring_elements 0.40564
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49125
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7617b9c247bc77ed0444dd69adcd8aa48777886c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7617b9c247bc77ed0444dd69adcd8aa48777886c
5
reference_url https://github.com/apache/tomcat/commit/9418e3ff9f1f4c006b4661311ae9376c52d162b9
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9418e3ff9f1f4c006b4661311ae9376c52d162b9
6
reference_url https://github.com/apache/tomcat/commit/d94bd36fb7eb32e790dae0339bc249069649a637
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d94bd36fb7eb32e790dae0339bc249069649a637
7
reference_url https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:06:30Z/
url https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-49125
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-49125
10
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
11
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
12
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
13
reference_url http://www.openwall.com/lists/oss-security/2025/06/16/2
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/16/2
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108114
reference_id 1108114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108114
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108115
reference_id 1108115
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108115
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373018
reference_id 2373018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373018
17
reference_url https://security.archlinux.org/AVG-2888
reference_id AVG-2888
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2888
18
reference_url https://security.archlinux.org/AVG-2889
reference_id AVG-2889
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2889
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125
reference_id CVE-2025-49125
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125
20
reference_url https://github.com/advisories/GHSA-wc4r-xq3c-5cf3
reference_id GHSA-wc4r-xq3c-5cf3
reference_type
scores
url https://github.com/advisories/GHSA-wc4r-xq3c-5cf3
21
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
22
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
23
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
24
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
25
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
26
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
27
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
28
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
29
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
30
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
31
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.106
purl pkg:maven/org.apache.tomcat/tomcat@9.0.106
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hgbg-akgm-pbfj
1
vulnerability VCID-p7x2-ejss-ffd1
2
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.42
purl pkg:maven/org.apache.tomcat/tomcat@10.1.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.8
purl pkg:maven/org.apache.tomcat/tomcat@11.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p7x2-ejss-ffd1
1
vulnerability VCID-s6p4-xq69-6fb4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8
aliases CVE-2025-49125, GHSA-wc4r-xq3c-5cf3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5je-ud4g-ufdc
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106