Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@11.0.0-M21
Typeapache
Namespace
Nametomcat
Version11.0.0-M21
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version11.0.0-M3
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3vdn-j7sj-dfdn
vulnerability_id VCID-3vdn-j7sj-dfdn
summary 
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89.


The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.35 through 8.5.100 and 7.0.92 through 7.0.109. Other EOL versions may also be affected.


Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.



Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38286.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38286.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38286
reference_id
reference_type
scores
0
value 0.00401
scoring_system epss
scoring_elements 0.60731
published_at 2026-04-02T12:55:00Z
1
value 0.00401
scoring_system epss
scoring_elements 0.60822
published_at 2026-04-16T12:55:00Z
2
value 0.00401
scoring_system epss
scoring_elements 0.60779
published_at 2026-04-13T12:55:00Z
3
value 0.00401
scoring_system epss
scoring_elements 0.60798
published_at 2026-04-12T12:55:00Z
4
value 0.00401
scoring_system epss
scoring_elements 0.60812
published_at 2026-04-11T12:55:00Z
5
value 0.00401
scoring_system epss
scoring_elements 0.60761
published_at 2026-04-04T12:55:00Z
6
value 0.00401
scoring_system epss
scoring_elements 0.60726
published_at 2026-04-07T12:55:00Z
7
value 0.00401
scoring_system epss
scoring_elements 0.60774
published_at 2026-04-08T12:55:00Z
8
value 0.00401
scoring_system epss
scoring_elements 0.6079
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38286
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/3197862639732e16ec1164557bcd289ebc116c93
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3197862639732e16ec1164557bcd289ebc116c93
5
reference_url https://github.com/apache/tomcat/commit/3344c17cef094da4bb616f4186ed32039627b543
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3344c17cef094da4bb616f4186ed32039627b543
6
reference_url https://github.com/apache/tomcat/commit/76c5cce6f0bcef14b0c21c38910371ca7d322d13
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/76c5cce6f0bcef14b0c21c38910371ca7d322d13
7
reference_url https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:33:49Z/
url https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s
8
reference_url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-38286
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-38286
10
reference_url https://security.netapp.com/advisory/ntap-20241101-0010
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241101-0010
11
reference_url http://www.openwall.com/lists/oss-security/2024/09/23/2
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/09/23/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2314686
reference_id 2314686
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2314686
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38286
reference_id CVE-2024-38286
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38286
14
reference_url https://github.com/advisories/GHSA-7jqf-v358-p8g7
reference_id GHSA-7jqf-v358-p8g7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7jqf-v358-p8g7
15
reference_url https://access.redhat.com/errata/RHSA-2024:4976
reference_id RHSA-2024:4976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4976
16
reference_url https://access.redhat.com/errata/RHSA-2024:4977
reference_id RHSA-2024:4977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4977
17
reference_url https://access.redhat.com/errata/RHSA-2024:5024
reference_id RHSA-2024:5024
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5024
18
reference_url https://access.redhat.com/errata/RHSA-2024:5025
reference_id RHSA-2024:5025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5025
19
reference_url https://access.redhat.com/errata/RHSA-2024:5693
reference_id RHSA-2024:5693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5693
20
reference_url https://access.redhat.com/errata/RHSA-2024:5694
reference_id RHSA-2024:5694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5694
21
reference_url https://access.redhat.com/errata/RHSA-2024:5695
reference_id RHSA-2024:5695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5695
22
reference_url https://access.redhat.com/errata/RHSA-2024:5696
reference_id RHSA-2024:5696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5696
23
reference_url https://access.redhat.com/errata/RHSA-2024:8494
reference_id RHSA-2024:8494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8494
24
reference_url https://access.redhat.com/errata/RHSA-2024:8497
reference_id RHSA-2024:8497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8497
25
reference_url https://access.redhat.com/errata/RHSA-2024:8528
reference_id RHSA-2024:8528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8528
26
reference_url https://access.redhat.com/errata/RHSA-2024:8543
reference_id RHSA-2024:8543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8543
27
reference_url https://access.redhat.com/errata/RHSA-2024:8567
reference_id RHSA-2024:8567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8567
28
reference_url https://access.redhat.com/errata/RHSA-2024:8572
reference_id RHSA-2024:8572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8572
29
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:apache/tomcat@9.0.90
purl pkg:apache/tomcat@9.0.90
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.90
1
url pkg:apache/tomcat@10.1.25
purl pkg:apache/tomcat@10.1.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.25
2
url pkg:apache/tomcat@11.0.0-M21
purl pkg:apache/tomcat@11.0.0-M21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M21
aliases CVE-2024-38286, GHSA-7jqf-v358-p8g7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vdn-j7sj-dfdn
1
url VCID-8myk-ac5b-huh8
vulnerability_id VCID-8myk-ac5b-huh8
summary 
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89.

The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.0 though 8.5.100. Other EOL versions may also be affected.


Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34750.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34750
reference_id
reference_type
scores
0
value 0.17245
scoring_system epss
scoring_elements 0.95002
published_at 2026-04-02T12:55:00Z
1
value 0.17245
scoring_system epss
scoring_elements 0.95004
published_at 2026-04-04T12:55:00Z
2
value 0.17245
scoring_system epss
scoring_elements 0.95029
published_at 2026-04-13T12:55:00Z
3
value 0.17245
scoring_system epss
scoring_elements 0.95026
published_at 2026-04-12T12:55:00Z
4
value 0.17245
scoring_system epss
scoring_elements 0.95007
published_at 2026-04-07T12:55:00Z
5
value 0.17245
scoring_system epss
scoring_elements 0.95015
published_at 2026-04-08T12:55:00Z
6
value 0.17245
scoring_system epss
scoring_elements 0.95019
published_at 2026-04-09T12:55:00Z
7
value 0.17245
scoring_system epss
scoring_elements 0.95025
published_at 2026-04-11T12:55:00Z
8
value 0.21539
scoring_system epss
scoring_elements 0.95727
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34750
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2344a4c0d03e307ba6b8ab6dc8b894cc8bac63f2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2344a4c0d03e307ba6b8ab6dc8b894cc8bac63f2
5
reference_url https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3
6
reference_url https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f
7
reference_url https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:51:20Z/
url https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34750
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34750
10
reference_url https://security.netapp.com/advisory/ntap-20240816-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240816-0004
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
13
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295651
reference_id 2295651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295651
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34750
reference_id CVE-2024-34750
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34750
16
reference_url https://github.com/advisories/GHSA-wm9w-rjj3-j356
reference_id GHSA-wm9w-rjj3-j356
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm9w-rjj3-j356
17
reference_url https://access.redhat.com/errata/RHSA-2024:4976
reference_id RHSA-2024:4976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4976
18
reference_url https://access.redhat.com/errata/RHSA-2024:4977
reference_id RHSA-2024:4977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4977
19
reference_url https://access.redhat.com/errata/RHSA-2024:5024
reference_id RHSA-2024:5024
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5024
20
reference_url https://access.redhat.com/errata/RHSA-2024:5025
reference_id RHSA-2024:5025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5025
21
reference_url https://access.redhat.com/errata/RHSA-2024:5693
reference_id RHSA-2024:5693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5693
22
reference_url https://access.redhat.com/errata/RHSA-2024:5694
reference_id RHSA-2024:5694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5694
23
reference_url https://access.redhat.com/errata/RHSA-2024:5695
reference_id RHSA-2024:5695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5695
24
reference_url https://access.redhat.com/errata/RHSA-2024:5696
reference_id RHSA-2024:5696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5696
25
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:apache/tomcat@9.0.90
purl pkg:apache/tomcat@9.0.90
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.90
1
url pkg:apache/tomcat@10.1.25
purl pkg:apache/tomcat@10.1.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.25
2
url pkg:apache/tomcat@11.0.0-M21
purl pkg:apache/tomcat@11.0.0-M21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M21
aliases CVE-2024-34750, GHSA-wm9w-rjj3-j356
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8myk-ac5b-huh8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M21