Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.52
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version7.0.52
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.0.72
Latest_non_vulnerable_version11.0.18
Affected_by_vulnerabilities
0
url VCID-axzz-cadr-b7fv
vulnerability_id VCID-axzz-cadr-b7fv
summary 
Information Exposure
When a `SecurityManager` is configured, a web application's ability to read system properties should be controlled by the `SecurityManager`. In Apache Tomcat, the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0457.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0457.html
1
reference_url https://access.redhat.com/errata/RHSA-2017:0455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0455
2
reference_url https://access.redhat.com/errata/RHSA-2017:0456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0456
3
reference_url https://access.redhat.com/errata/RHSA-2017:2247
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2247
4
reference_url https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
19
reference_url https://security.netapp.com/advisory/ntap-20180605-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180605-0001/
20
reference_url https://usn.ubuntu.com/4557-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4557-1/
21
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2021.html
22
reference_url http://www.debian.org/security/2016/dsa-3720
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3720
23
reference_url http://www.securityfocus.com/bid/93943
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/93943
24
reference_url http://www.securitytracker.com/id/1037143
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037143
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6794
reference_id CVE-2016-6794
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-6794
26
reference_url https://github.com/advisories/GHSA-2rvf-329f-p99g
reference_id GHSA-2rvf-329f-p99g
reference_type
scores
url https://github.com/advisories/GHSA-2rvf-329f-p99g
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.72
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.72
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.72
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.37
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.37
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.37
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.5
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
aliases CVE-2016-6794, GHSA-2rvf-329f-p99g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axzz-cadr-b7fv
1
url VCID-xa95-zsnk-3kg9
vulnerability_id VCID-xa95-zsnk-3kg9
summary 
Information Exposure
A bug in the error handling of the NIO HTTP connector in Apache Tomcat resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0457.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0457.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0527.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0527.html
2
reference_url https://access.redhat.com/errata/RHSA-2017:0455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0455
3
reference_url https://access.redhat.com/errata/RHSA-2017:0456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0456
4
reference_url https://access.redhat.com/errata/RHSA-2017:0935
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0935
5
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
22
reference_url https://security.gentoo.org/glsa/201705-09
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/201705-09
23
reference_url https://security.netapp.com/advisory/ntap-20180607-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180607-0002/
24
reference_url http://www.debian.org/security/2017/dsa-3754
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3754
25
reference_url http://www.debian.org/security/2017/dsa-3755
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3755
26
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
27
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
28
reference_url http://www.securityfocus.com/bid/94828
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94828
29
reference_url http://www.securitytracker.com/id/1037432
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037432
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8745
reference_id CVE-2016-8745
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-8745
31
reference_url https://github.com/advisories/GHSA-w3j5-q8f2-3cqq
reference_id GHSA-w3j5-q8f2-3cqq
reference_type
scores
url https://github.com/advisories/GHSA-w3j5-q8f2-3cqq
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.75
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.75
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-se44-f85s-xyex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.75
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.41
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-se44-f85s-xyex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.41
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.9
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.9
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
aliases CVE-2016-8745, GHSA-w3j5-q8f2-3cqq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xa95-zsnk-3kg9
Fixing_vulnerabilities
0
url VCID-gmjm-6ck2-skgu
vulnerability_id VCID-gmjm-6ck2-skgu
summary 
Improper Handling of Exceptional Conditions
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. The Default Servlet in Apache Tomcat does not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:1801
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1801
1
reference_url https://access.redhat.com/errata/RHSA-2017:1802
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1802
2
reference_url https://access.redhat.com/errata/RHSA-2017:1809
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1809
3
reference_url https://access.redhat.com/errata/RHSA-2017:2493
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2493
4
reference_url https://access.redhat.com/errata/RHSA-2017:2494
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2494
5
reference_url https://access.redhat.com/errata/RHSA-2017:2633
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2633
6
reference_url https://access.redhat.com/errata/RHSA-2017:2635
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2635
7
reference_url https://access.redhat.com/errata/RHSA-2017:2636
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2636
8
reference_url https://access.redhat.com/errata/RHSA-2017:2637
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2637
9
reference_url https://access.redhat.com/errata/RHSA-2017:2638
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2638
10
reference_url https://access.redhat.com/errata/RHSA-2017:3080
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3080
11
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
26
reference_url https://security.netapp.com/advisory/ntap-20171019-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20171019-0002/
27
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
28
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
29
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
30
reference_url http://www.debian.org/security/2017/dsa-3891
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3891
31
reference_url http://www.debian.org/security/2017/dsa-3892
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3892
32
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
33
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
34
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
35
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
36
reference_url http://www.securityfocus.com/bid/98888
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98888
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5664
reference_id CVE-2017-5664
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-5664
38
reference_url https://github.com/advisories/GHSA-jmvv-524f-hj5j
reference_id GHSA-jmvv-524f-hj5j
reference_type
scores
url https://github.com/advisories/GHSA-jmvv-524f-hj5j
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.52
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-axzz-cadr-b7fv
1
vulnerability VCID-xa95-zsnk-3kg9
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.52
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.78
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.78
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.8
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.8
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.44
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.44
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.44
4
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.15
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dast-z2hv-2yfe
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.15
5
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.1
aliases CVE-2017-5664, GHSA-jmvv-524f-hj5j
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmjm-6ck2-skgu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.52