Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/tomcat@9.0.96

Type apache

Namespace

Name tomcat

Version 9.0.96

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 9.0.99

Latest_non_vulnerable_version 11.0.22

Affected_by_vulnerabilities

url VCID-58hq-8nzw-7bfw

vulnerability_id VCID-58hq-8nzw-7bfw

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52318.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52318.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52318

reference_id

reference_type

scores

value	0.15467
scoring_system	epss
scoring_elements	0.94773
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52318

reference_url

https://bz.apache.org/bugzilla/show_bug.cgi?id=69333

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bz.apache.org/bugzilla/show_bug.cgi?id=69333

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/8d1fc4733a06d1a03b9d644c57010f2ec5f0df38

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/8d1fc4733a06d1a03b9d644c57010f2ec5f0df38

reference_url

https://github.com/apache/tomcat/commit/9813c5dd3259183f659bbb83312a5cf673cc1ebf

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9813c5dd3259183f659bbb83312a5cf673cc1ebf

reference_url

https://github.com/apache/tomcat/commit/be8e32143a3159e78fe5463d09bb8e1b33bf2b1f

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/be8e32143a3159e78fe5463d09bb8e1b33bf2b1f

reference_url

https://lists.apache.org/thread/co243cw1nlh6p521c5265cm839wkqdp9

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:31:54Z/

url

https://lists.apache.org/thread/co243cw1nlh6p521c5265cm839wkqdp9

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-52318

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-52318

reference_url

https://security.netapp.com/advisory/ntap-20250131-0009

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250131-0009

reference_url

http://www.openwall.com/lists/oss-security/2024/11/18/4

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/11/18/4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087884
reference_id	1087884
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087884

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2326985
reference_id	2326985
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2326985

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52318

reference_id

CVE-2024-52318

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52318

fixed_packages

url pkg:apache/tomcat@9.0.97

purl pkg:apache/tomcat@9.0.97

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-wpew-vv5h-r7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.97

url pkg:apache/tomcat@10.1.33

purl pkg:apache/tomcat@10.1.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-wpew-vv5h-r7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.33

url pkg:apache/tomcat@11.0.1

purl pkg:apache/tomcat@11.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-wpew-vv5h-r7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.1

aliases CVE-2024-52318, GHSA-f632-9449-3j4w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58hq-8nzw-7bfw

Fixing_vulnerabilities

url VCID-nafh-ss66-efc1

vulnerability_id VCID-nafh-ss66-efc1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52316.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52316.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52316

reference_id

reference_type

scores

value	0.02487
scoring_system	epss
scoring_elements	0.85559
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52316

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/6d097a66746635df6880fe7662a792156b0eca14

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6d097a66746635df6880fe7662a792156b0eca14

reference_url

https://github.com/apache/tomcat/commit/7532f9dc4a8c37ec958f79dc82c4924a6c539223

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7532f9dc4a8c37ec958f79dc82c4924a6c539223

reference_url

https://github.com/apache/tomcat/commit/acc2f01395f895980f5d8a64573fcc1bade13369

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/acc2f01395f895980f5d8a64573fcc1bade13369

reference_url

https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-18T14:50:59Z/

url

https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-52316

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-52316

reference_url

https://security.netapp.com/advisory/ntap-20250124-0003

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250124-0003

reference_url

http://www.openwall.com/lists/oss-security/2024/11/18/2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/11/18/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2326972
reference_id	2326972
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2326972

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52316

reference_id

CVE-2024-52316

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52316

reference_url	https://access.redhat.com/errata/RHSA-2025:3608
reference_id	RHSA-2025:3608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3608

reference_url	https://access.redhat.com/errata/RHSA-2025:3609
reference_id	RHSA-2025:3609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3609

reference_url	https://access.redhat.com/errata/RHSA-2025:7497
reference_id	RHSA-2025:7497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7497

fixed_packages

url pkg:apache/tomcat@9.0.96

purl pkg:apache/tomcat@9.0.96

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.96

url pkg:apache/tomcat@10.1.31

purl pkg:apache/tomcat@10.1.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.31

url pkg:apache/tomcat@11.0.0

purl pkg:apache/tomcat@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

vulnerability	VCID-bapg-6hhe-nfhj

vulnerability	VCID-j4ut-s3e4-qqh7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0

aliases CVE-2024-52316, GHSA-xcpr-7mr4-h4xq

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nafh-ss66-efc1

url VCID-rzd7-26dq-b7ff

vulnerability_id VCID-rzd7-26dq-b7ff

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52317.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52317.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52317

reference_id

reference_type

scores

value	0.215
scoring_system	epss
scoring_elements	0.9581
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52317

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/146f94f87ea398fb592c7a20a5ccbef95e9dd72b

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/146f94f87ea398fb592c7a20a5ccbef95e9dd72b

reference_url

https://github.com/apache/tomcat/commit/47307ee27abcdea2ee40e33897aca760083de46a

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/47307ee27abcdea2ee40e33897aca760083de46a

reference_url

https://github.com/apache/tomcat/commit/9e840ccacb40881c03a03b1e0746bfba7369b3bd

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9e840ccacb40881c03a03b1e0746bfba7369b3bd

reference_url

https://lists.apache.org/thread/ty376mrxy1mmxtw3ogo53nc9l3co3dfs

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:44:38Z/

url

https://lists.apache.org/thread/ty376mrxy1mmxtw3ogo53nc9l3co3dfs

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-52317

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-52317

reference_url

https://security.netapp.com/advisory/ntap-20250124-0004

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250124-0004

reference_url

http://www.openwall.com/lists/oss-security/2024/11/18/3

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/11/18/3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2326973
reference_id	2326973
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2326973

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52317

reference_id

CVE-2024-52317

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52317

reference_url	https://usn.ubuntu.com/7705-1/
reference_id	USN-7705-1
reference_type
scores
url	https://usn.ubuntu.com/7705-1/

fixed_packages

url pkg:apache/tomcat@9.0.96

purl pkg:apache/tomcat@9.0.96

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.96

url pkg:apache/tomcat@10.1.31

purl pkg:apache/tomcat@10.1.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.31

url pkg:apache/tomcat@11.0.0

purl pkg:apache/tomcat@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58hq-8nzw-7bfw

vulnerability	VCID-bapg-6hhe-nfhj

vulnerability	VCID-j4ut-s3e4-qqh7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0

aliases CVE-2024-52317, GHSA-qvf5-hvjx-wm27

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzd7-26dq-b7ff

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.96

Package Instance