Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@4.0.0
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version4.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.0.7
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-24v5-jpna-rqg9
vulnerability_id VCID-24v5-jpna-rqg9
summary 
Apache Tomcat Reveals Directories
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (`;`) preceding a filename with a mapped extension, as demonstrated by URLs ending with `/;index.jsp` and `/;help.do`.
references
0
reference_url http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html
1
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3835
reference_id
reference_type
scores
0
value 0.51511
scoring_system epss
scoring_elements 0.97942
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3835
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/27902
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/27902
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/34183
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/34183
7
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
8
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
14
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
15
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
16
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
17
reference_url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
18
reference_url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
19
reference_url https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576
20
reference_url https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded
21
reference_url https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded
22
reference_url https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106
23
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
24
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
25
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
26
reference_url http://www.sec-consult.com/289.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.sec-consult.com/289.html
27
reference_url http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237084
reference_id 237084
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237084
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835
reference_id CVE-2006-3835
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-3835
reference_id CVE-2006-3835
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2006-3835
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt
reference_id CVE-2006-3835;OSVDB-32723
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt
32
reference_url https://www.securityfocus.com/bid/19106/info
reference_id CVE-2006-3835;OSVDB-32723
reference_type exploit
scores
url https://www.securityfocus.com/bid/19106/info
33
reference_url https://github.com/advisories/GHSA-wfj7-mhr5-pcwq
reference_id GHSA-wfj7-mhr5-pcwq
reference_type
scores
url https://github.com/advisories/GHSA-wfj7-mhr5-pcwq
34
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.32
purl pkg:maven/org.apache.tomcat/tomcat@4.1.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wj8-en12-uuch
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.32
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.13%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.13%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.13%252C
2
url pkg:maven/org.apache.tomcat/tomcat@5.5.17
purl pkg:maven/org.apache.tomcat/tomcat@5.5.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cqz2-4njt-g3da
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.17
aliases CVE-2006-3835, GHSA-wfj7-mhr5-pcwq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24v5-jpna-rqg9
1
url VCID-284n-4e5d-d7gt
vulnerability_id VCID-284n-4e5d-d7gt
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0682
reference_id
reference_type
scores
0
value 0.83058
scoring_system epss
scoring_elements 0.99274
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0682
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682
reference_id CVE-2002-0682
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21604.txt
reference_id CVE-2002-0682;OSVDB-4973
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21604.txt
3
reference_url https://www.securityfocus.com/bid/5193/info
reference_id CVE-2002-0682;OSVDB-4973
reference_type exploit
scores
url https://www.securityfocus.com/bid/5193/info
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.13%2C
purl pkg:maven/org.apache.tomcat/tomcat@4.1.13%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.13%252C
aliases CVE-2002-0682
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-284n-4e5d-d7gt
2
url VCID-2af1-rv9j-jugv
vulnerability_id VCID-2af1-rv9j-jugv
summary 
Cross-site scripting in Apache Tomcat
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
2
reference_url http://osvdb.org/34888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://osvdb.org/34888
3
reference_url https://access.redhat.com/errata/RHSA-2007:0326
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2007:0326
4
reference_url https://access.redhat.com/errata/RHSA-2007:0340
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2007:0340
5
reference_url https://access.redhat.com/errata/RHSA-2008:0261
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0261
6
reference_url https://access.redhat.com/errata/RHSA-2008:0524
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2008:0524
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7196.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7196.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-7196
reference_id
reference_type
scores
0
value 0.79909
scoring_system epss
scoring_elements 0.99127
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-7196
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=238131
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=238131
10
reference_url http://secunia.com/advisories/29242
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/29242
11
reference_url http://secunia.com/advisories/33668
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/33668
12
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
13
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
19
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
20
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
21
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
22
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
23
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
24
reference_url http://www.securityfocus.com/archive/1/478491/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/478491/100/0/threaded
25
reference_url http://www.securityfocus.com/archive/1/478609/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/478609/100/0/threaded
26
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
27
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
28
reference_url http://www.securityfocus.com/bid/25531
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/25531
29
reference_url http://www.vupen.com/english/advisories/2007/1729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2007/1729
30
reference_url http://www.vupen.com/english/advisories/2009/0233
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/0233
31
reference_url https://access.redhat.com/security/cve/CVE-2006-7196
reference_id CVE-2006-7196
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2006-7196
32
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196
reference_id CVE-2006-7196
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-7196
reference_id CVE-2006-7196
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2006-7196
34
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30563.txt
reference_id CVE-2006-7196;OSVDB-34888
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30563.txt
35
reference_url https://www.securityfocus.com/bid/25531/info
reference_id CVE-2006-7196;OSVDB-34888
reference_type exploit
scores
url https://www.securityfocus.com/bid/25531/info
36
reference_url https://github.com/advisories/GHSA-pm78-wxxf-fw98
reference_id GHSA-pm78-wxxf-fw98
reference_type
scores
url https://github.com/advisories/GHSA-pm78-wxxf-fw98
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0.7
purl pkg:maven/org.apache.tomcat/tomcat@4.0.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.7
1
url pkg:maven/org.apache.tomcat/tomcat@4.1.32
purl pkg:maven/org.apache.tomcat/tomcat@4.1.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wj8-en12-uuch
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.32
2
url pkg:maven/org.apache.tomcat/tomcat@5.0.31
purl pkg:maven/org.apache.tomcat/tomcat@5.0.31
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.0.31
3
url pkg:maven/org.apache.tomcat/tomcat@5.5.16
purl pkg:maven/org.apache.tomcat/tomcat@5.5.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19dy-a2qt-9qdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.16
4
url pkg:maven/org.apache.tomcat/tomcat@5.5.16%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.16%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.16%252C
aliases CVE-2006-7196, GHSA-pm78-wxxf-fw98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2af1-rv9j-jugv
3
url VCID-2jws-wtvg-2khf
vulnerability_id VCID-2jws-wtvg-2khf
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
references
0
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
1
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
reference_id
reference_type
scores
0
value 0.44249
scoring_system epss
scoring_elements 0.9762
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1358
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
8
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
9
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
10
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244803
reference_id 244803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244803
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
reference_id CVE-2007-1358
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-1358
14
reference_url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
reference_id GHSA-xmc9-6p56-3c4v
reference_type
scores
url https://github.com/advisories/GHSA-xmc9-6p56-3c4v
15
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
16
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
17
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.36
purl pkg:maven/org.apache.tomcat/tomcat@4.1.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96yu-fvee-wfbs
1
vulnerability VCID-kaem-zczd-pyhu
2
vulnerability VCID-kxc3-vz2c-wqca
3
vulnerability VCID-qdvn-uc56-6fds
4
vulnerability VCID-qz87-x4zb-rud7
5
vulnerability VCID-sjn3-a6fs-gyck
6
vulnerability VCID-uwuf-vukf-cqck
7
vulnerability VCID-w8uj-zy2r-fyca
8
vulnerability VCID-ypuq-2mr2-sybb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.36
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.21%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.21%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.21%252C
2
url pkg:maven/org.apache.tomcat/tomcat@6.0.6
purl pkg:maven/org.apache.tomcat/tomcat@6.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.6
aliases CVE-2007-1358, GHSA-xmc9-6p56-3c4v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jws-wtvg-2khf
4
url VCID-7few-6w74-43cm
vulnerability_id VCID-7few-6w74-43cm
summary 
Apache Tomcat DoS Via Requests Including Null Characters
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0935
reference_id
reference_type
scores
0
value 0.02834
scoring_system epss
scoring_elements 0.86455
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0935
1
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
4
reference_url https://web.archive.org/web/20020822030311/http://www.iss.net/security_center/static/9396.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20020822030311/http://www.iss.net/security_center/static/9396.php
5
reference_url https://web.archive.org/web/20021010182017/http://online.securityfocus.com/bid/5067
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20021010182017/http://online.securityfocus.com/bid/5067
6
reference_url https://web.archive.org/web/20021116054924/http://online.securityfocus.com/archive/1/277940
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20021116054924/http://online.securityfocus.com/archive/1/277940
7
reference_url https://web.archive.org/web/20070525180638/http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20070525180638/http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935
reference_id CVE-2002-0935
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-0935
reference_id CVE-2002-0935
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-0935
10
reference_url https://github.com/advisories/GHSA-xmf4-j3j7-xj7q
reference_id GHSA-xmf4-j3j7-xj7q
reference_type
scores
url https://github.com/advisories/GHSA-xmf4-j3j7-xj7q
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.3-beta
purl pkg:maven/org.apache.tomcat/tomcat@4.1.3-beta
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.3-beta
1
url pkg:maven/org.apache.tomcat/tomcat@4.1.3
purl pkg:maven/org.apache.tomcat/tomcat@4.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.3
aliases CVE-2002-0935, GHSA-xmf4-j3j7-xj7q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7few-6w74-43cm
5
url VCID-aywp-amq3-yyes
vulnerability_id VCID-aywp-amq3-yyes
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-2272
reference_id
reference_type
scores
0
value 0.31421
scoring_system epss
scoring_elements 0.96874
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-2272
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/10771
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/10771
2
reference_url https://web.archive.org/web/20030501051114/http://www.securityfocus.com/bid/6320
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030501051114/http://www.securityfocus.com/bid/6320
3
reference_url https://web.archive.org/web/20051124132812/http://archives.neohapsis.com/archives/bugtraq/2002-12/0045.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20051124132812/http://archives.neohapsis.com/archives/bugtraq/2002-12/0045.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-2272
reference_id CVE-2002-2272
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-2272
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/22068.pl
reference_id CVE-2002-2272;OSVDB-7394
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/22068.pl
6
reference_url https://www.securityfocus.com/bid/6320/info
reference_id CVE-2002-2272;OSVDB-7394
reference_type exploit
scores
url https://www.securityfocus.com/bid/6320/info
7
reference_url https://github.com/advisories/GHSA-pqr5-9v2j-44xg
reference_id GHSA-pqr5-9v2j-44xg
reference_type
scores
url https://github.com/advisories/GHSA-pqr5-9v2j-44xg
fixed_packages
aliases CVE-2002-2272, GHSA-pqr5-9v2j-44xg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aywp-amq3-yyes
6
url VCID-ccfn-tde4-s7hr
vulnerability_id VCID-ccfn-tde4-s7hr
summary 
Apache Tomcat Source Code Disclosure
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
references
0
reference_url http://marc.info/?l=bugtraq&m=103288242014253&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=103288242014253&w=2
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1148.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1148.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1148
reference_id
reference_type
scores
0
value 0.67271
scoring_system epss
scoring_elements 0.98579
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1148
3
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
4
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@<dev.tomcat.apache.org>
5
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
6
reference_url https://web.archive.org/web/20021027204137/http://www.iss.net/security_center/static/10175.php
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20021027204137/http://www.iss.net/security_center/static/10175.php
7
reference_url https://web.archive.org/web/20030113141130/http://online.securityfocus.com/advisories/4758
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030113141130/http://online.securityfocus.com/advisories/4758
8
reference_url https://web.archive.org/web/20030710185447/http://www.securityfocus.com/bid/5786
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030710185447/http://www.securityfocus.com/bid/5786
9
reference_url https://web.archive.org/web/20040814165854/http://rhn.redhat.com/errata/RHSA-2002-217.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20040814165854/http://rhn.redhat.com/errata/RHSA-2002-217.html
10
reference_url https://web.archive.org/web/20040817035804/http://rhn.redhat.com/errata/RHSA-2002-218.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20040817035804/http://rhn.redhat.com/errata/RHSA-2002-218.html
11
reference_url https://web.archive.org/web/20070430075037/http://www.debian.org/security/2002/dsa-170
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20070430075037/http://www.debian.org/security/2002/dsa-170
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616844
reference_id 1616844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616844
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148
reference_id CVE-2002-1148
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-1148
reference_id CVE-2002-1148
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-1148
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21853.txt
reference_id CVE-2002-1148;OSVDB-8773
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21853.txt
16
reference_url https://www.securityfocus.com/bid/5786/info
reference_id CVE-2002-1148;OSVDB-8773
reference_type exploit
scores
url https://www.securityfocus.com/bid/5786/info
17
reference_url https://github.com/advisories/GHSA-jxcv-v856-j5vg
reference_id GHSA-jxcv-v856-j5vg
reference_type
scores
url https://github.com/advisories/GHSA-jxcv-v856-j5vg
18
reference_url https://access.redhat.com/errata/RHSA-2002:217
reference_id RHSA-2002:217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:217
19
reference_url https://access.redhat.com/errata/RHSA-2002:218
reference_id RHSA-2002:218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:218
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0.5
purl pkg:maven/org.apache.tomcat/tomcat@4.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-284n-4e5d-d7gt
1
vulnerability VCID-rpqh-1b8p-dqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.5
1
url pkg:maven/org.apache.tomcat/tomcat@4.1.12
purl pkg:maven/org.apache.tomcat/tomcat@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-284n-4e5d-d7gt
1
vulnerability VCID-aywp-amq3-yyes
2
vulnerability VCID-rpqh-1b8p-dqcy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.12
2
url pkg:maven/org.apache.tomcat/tomcat@4.1.12%2C
purl pkg:maven/org.apache.tomcat/tomcat@4.1.12%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.12%252C
aliases CVE-2002-1148, GHSA-jxcv-v856-j5vg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ccfn-tde4-s7hr
7
url VCID-hxer-p6va-7kdh
vulnerability_id VCID-hxer-p6va-7kdh
summary 
Apache Tomcat Leaks Pathname Information via Error Message
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-2009
reference_id
reference_type
scores
0
value 0.03215
scoring_system epss
scoring_elements 0.87275
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-2009
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/42915
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/42915
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
9
reference_url https://web.archive.org/web/20200302170930/https://www.securityfocus.com/bid/4557
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200302170930/https://www.securityfocus.com/bid/4557
10
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
11
reference_url http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-04/0286.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-04/0286.html
12
reference_url http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-04/0297.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-04/0297.html
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009
reference_id CVE-2002-2009
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-2009
reference_id CVE-2002-2009
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-2009
15
reference_url https://github.com/advisories/GHSA-r6cf-cr44-m8rr
reference_id GHSA-r6cf-cr44-m8rr
reference_type
scores
url https://github.com/advisories/GHSA-r6cf-cr44-m8rr
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0.2
purl pkg:maven/org.apache.tomcat/tomcat@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7few-6w74-43cm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.2
aliases CVE-2002-2009, GHSA-r6cf-cr44-m8rr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxer-p6va-7kdh
8
url VCID-kua1-kn4q-7kd2
vulnerability_id VCID-kua1-kn4q-7kd2
summary
references
0
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
1
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
2
reference_url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
reference_id
reference_type
scores
0
value 0.90452
scoring_system epss
scoring_elements 0.99625
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0450
5
reference_url http://security.gentoo.org/glsa/glsa-200705-03.xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200705-03.xml
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32988
7
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
8
reference_url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6
9
reference_url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738
10
reference_url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f
11
reference_url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793
12
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-0450
31
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
32
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
33
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
34
reference_url http://www.redhat.com/support/errata/RHSA-2007-0327.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0327.html
35
reference_url http://www.redhat.com/support/errata/RHSA-2007-0360.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0360.html
36
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237080
reference_id 237080
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237080
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
reference_id CVE-2007-0450
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
39
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt
40
reference_url https://www.securityfocus.com/bid/22960/info
reference_id CVE-2007-0450;OSVDB-34769
reference_type exploit
scores
url https://www.securityfocus.com/bid/22960/info
41
reference_url https://security.gentoo.org/glsa/200705-03
reference_id GLSA-200705-03
reference_type
scores
url https://security.gentoo.org/glsa/200705-03
42
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
43
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.36
purl pkg:maven/org.apache.tomcat/tomcat@4.1.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96yu-fvee-wfbs
1
vulnerability VCID-kaem-zczd-pyhu
2
vulnerability VCID-kxc3-vz2c-wqca
3
vulnerability VCID-qdvn-uc56-6fds
4
vulnerability VCID-qz87-x4zb-rud7
5
vulnerability VCID-sjn3-a6fs-gyck
6
vulnerability VCID-uwuf-vukf-cqck
7
vulnerability VCID-w8uj-zy2r-fyca
8
vulnerability VCID-ypuq-2mr2-sybb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.36
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.22
purl pkg:maven/org.apache.tomcat/tomcat@5.5.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.22
2
url pkg:maven/org.apache.tomcat/tomcat@5.5.22%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.22%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.22%252C
3
url pkg:maven/org.apache.tomcat/tomcat@6.0.10
purl pkg:maven/org.apache.tomcat/tomcat@6.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ypuq-2mr2-sybb
1
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.10
aliases CVE-2007-0450, GHSA-4prh-gqw8-rgh5
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kua1-kn4q-7kd2
9
url VCID-kxc3-vz2c-wqca
vulnerability_id VCID-kxc3-vz2c-wqca
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
references
0
reference_url http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
1
reference_url http://issues.apache.org/jira/browse/GERONIMO-3549
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://issues.apache.org/jira/browse/GERONIMO-3549
2
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
3
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
6
reference_url http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E
7
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
8
reference_url http://marc.info/?l=full-disclosure&m=119239530508382
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=full-disclosure&m=119239530508382
9
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5461
reference_id
reference_type
scores
0
value 0.06505
scoring_system epss
scoring_elements 0.91271
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5461
12
reference_url http://security.gentoo.org/glsa/glsa-200804-10.xml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://security.gentoo.org/glsa/glsa-200804-10.xml
13
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
14
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
15
reference_url https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c
16
reference_url https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d
17
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
24
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
25
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
26
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
27
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
28
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
29
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
30
reference_url http://www.debian.org/security/2008/dsa-1447
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1447
31
reference_url http://www.debian.org/security/2008/dsa-1453
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2008/dsa-1453
32
reference_url http://www.redhat.com/support/errata/RHSA-2008-0042.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0042.html
33
reference_url http://www.redhat.com/support/errata/RHSA-2008-0195.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0195.html
34
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
35
reference_url http://www.redhat.com/support/errata/RHSA-2008-0862.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0862.html
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=333791
reference_id 333791
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=333791
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
reference_id CVE-2007-5461
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
38
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl
reference_id CVE-2007-5461
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-5461
reference_id CVE-2007-5461
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-5461
40
reference_url https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
reference_id GHSA-v5p2-vg3c-pmrr
reference_type
scores
url https://github.com/advisories/GHSA-v5p2-vg3c-pmrr
41
reference_url https://security.gentoo.org/glsa/200804-10
reference_id GLSA-200804-10
reference_type
scores
url https://security.gentoo.org/glsa/200804-10
42
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl
reference_id OSVDB-38187;CVE-2007-5461
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl
43
reference_url https://access.redhat.com/errata/RHSA-2008:0042
reference_id RHSA-2008:0042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0042
44
reference_url https://access.redhat.com/errata/RHSA-2008:0151
reference_id RHSA-2008:0151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0151
45
reference_url https://access.redhat.com/errata/RHSA-2008:0158
reference_id RHSA-2008:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0158
46
reference_url https://access.redhat.com/errata/RHSA-2008:0195
reference_id RHSA-2008:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0195
47
reference_url https://access.redhat.com/errata/RHSA-2008:0213
reference_id RHSA-2008:0213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0213
48
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.37
purl pkg:maven/org.apache.tomcat/tomcat@4.1.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qrbz-jgfy-qqhm
1
vulnerability VCID-t4mh-zvhq-27du
2
vulnerability VCID-wg7f-pjmn-uudk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.37
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.26
purl pkg:maven/org.apache.tomcat/tomcat@5.5.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-t4mh-zvhq-27du
1
vulnerability VCID-wg7f-pjmn-uudk
2
vulnerability VCID-yswq-hnqg-sycs
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.26
2
url pkg:maven/org.apache.tomcat/tomcat@6.0.16
purl pkg:maven/org.apache.tomcat/tomcat@6.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-t4mh-zvhq-27du
1
vulnerability VCID-wg7f-pjmn-uudk
2
vulnerability VCID-xa95-zsnk-3kg9
3
vulnerability VCID-y9hs-ymcm-3ucx
4
vulnerability VCID-yswq-hnqg-sycs
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.16
aliases CVE-2007-5461, GHSA-v5p2-vg3c-pmrr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxc3-vz2c-wqca
10
url VCID-rp5z-q8an-e3az
vulnerability_id VCID-rp5z-q8an-e3az
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4838.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4838.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-4838
reference_id
reference_type
scores
0
value 0.07788
scoring_system epss
scoring_elements 0.92113
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-4838
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=238401
reference_id 238401
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=238401
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838
reference_id CVE-2005-4838
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838
4
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.32
purl pkg:maven/org.apache.tomcat/tomcat@4.1.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wj8-en12-uuch
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.32
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.7%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.7%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.7%252C
aliases CVE-2005-4838
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5z-q8an-e3az
11
url VCID-rpqh-1b8p-dqcy
vulnerability_id VCID-rpqh-1b8p-dqcy
summary 
Apache Tomcat Source Code Disclosure
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
references
0
reference_url http://issues.apache.org/bugzilla/show_bug.cgi?id=13365
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://issues.apache.org/bugzilla/show_bug.cgi?id=13365
1
reference_url http://marc.info/?l=bugtraq&m=103470282514938&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=103470282514938&w=2
2
reference_url http://marc.info/?l=tomcat-dev&m=103417249325526&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=tomcat-dev&m=103417249325526&w=2
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1394.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1394.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1394
reference_id
reference_type
scores
0
value 0.05353
scoring_system epss
scoring_elements 0.90241
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1394
5
reference_url https://archive.apache.org/dist/tomcat/tomcat-4/archive/v4.0.6/README.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://archive.apache.org/dist/tomcat/tomcat-4/archive/v4.0.6/README.html
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/10376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/10376
7
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
8
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
9
reference_url https://web.archive.org/web/20030412075128/http://rhn.redhat.com/errata/RHSA-2003-075.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030412075128/http://rhn.redhat.com/errata/RHSA-2003-075.html
10
reference_url https://web.archive.org/web/20030705143220/http://www.securityfocus.com/bid/6562
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030705143220/http://www.securityfocus.com/bid/6562
11
reference_url https://web.archive.org/web/20041024213235/http://rhn.redhat.com/errata/RHSA-2003-082.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20041024213235/http://rhn.redhat.com/errata/RHSA-2003-082.html
12
reference_url https://web.archive.org/web/20070430073829/http://www.debian.org/security/2003/dsa-225
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20070430073829/http://www.debian.org/security/2003/dsa-225
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616907
reference_id 1616907
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616907
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394
reference_id CVE-2002-1394
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-1394
reference_id CVE-2002-1394
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-1394
16
reference_url https://github.com/advisories/GHSA-8v5p-2cpv-c2x6
reference_id GHSA-8v5p-2cpv-c2x6
reference_type
scores
url https://github.com/advisories/GHSA-8v5p-2cpv-c2x6
17
reference_url https://access.redhat.com/errata/RHSA-2003:075
reference_id RHSA-2003:075
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:075
18
reference_url https://access.redhat.com/errata/RHSA-2003:082
reference_id RHSA-2003:082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:082
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0.6
purl pkg:maven/org.apache.tomcat/tomcat@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24v5-jpna-rqg9
1
vulnerability VCID-2af1-rv9j-jugv
2
vulnerability VCID-2jws-wtvg-2khf
3
vulnerability VCID-7few-6w74-43cm
4
vulnerability VCID-96yu-fvee-wfbs
5
vulnerability VCID-kaem-zczd-pyhu
6
vulnerability VCID-kua1-kn4q-7kd2
7
vulnerability VCID-kxc3-vz2c-wqca
8
vulnerability VCID-rp5z-q8an-e3az
9
vulnerability VCID-sjn3-a6fs-gyck
10
vulnerability VCID-w6ay-nzvg-zbff
11
vulnerability VCID-w8uj-zy2r-fyca
12
vulnerability VCID-wpnp-3yad-ybcj
13
vulnerability VCID-x9v1-6ysy-bfcm
14
vulnerability VCID-ypuq-2mr2-sybb
15
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.6
1
url pkg:maven/org.apache.tomcat/tomcat@4.1.13%2C
purl pkg:maven/org.apache.tomcat/tomcat@4.1.13%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.13%252C
aliases CVE-2002-1394, GHSA-8v5p-2cpv-c2x6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rpqh-1b8p-dqcy
12
url VCID-sjn3-a6fs-gyck
vulnerability_id VCID-sjn3-a6fs-gyck
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
references
0
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3383
reference_id
reference_type
scores
0
value 0.38832
scoring_system epss
scoring_elements 0.9734
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3383
2
reference_url http://seclists.org/fulldisclosure/2007/Jul/0448.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2007/Jul/0448.html
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/35536
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/35536
4
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
7
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
8
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
9
reference_url http://www.kb.cert.org/vuls/id/862600
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/862600
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383
reference_id CVE-2007-3383
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-3383
reference_id CVE-2007-3383
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-3383
12
reference_url https://github.com/advisories/GHSA-wjwr-3jch-479j
reference_id GHSA-wjwr-3jch-479j
reference_type
scores
url https://github.com/advisories/GHSA-wjwr-3jch-479j
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.37
purl pkg:maven/org.apache.tomcat/tomcat@4.1.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qrbz-jgfy-qqhm
1
vulnerability VCID-t4mh-zvhq-27du
2
vulnerability VCID-wg7f-pjmn-uudk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.37
aliases CVE-2007-3383, GHSA-wjwr-3jch-479j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjn3-a6fs-gyck
13
url VCID-u9ha-5mmp-r7df
vulnerability_id VCID-u9ha-5mmp-r7df
summary 
Apache Tomcat Reveals Path through Long URL
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
references
0
reference_url http://marc.info/?l=bugtraq&m=100654722925155&w=2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=100654722925155&w=2
1
reference_url http://marc.info/?l=tomcat-dev&m=100658457507305&w=2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=tomcat-dev&m=100658457507305&w=2
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2001-0917
reference_id
reference_type
scores
0
value 0.03425
scoring_system epss
scoring_elements 0.87676
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2001-0917
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/7599
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/7599
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917
reference_id CVE-2001-0917
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2001-0917
reference_id CVE-2001-0917
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2001-0917
13
reference_url https://github.com/advisories/GHSA-2w2w-cv3h-rr38
reference_id GHSA-2w2w-cv3h-rr38
reference_type
scores
url https://github.com/advisories/GHSA-2w2w-cv3h-rr38
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0.2
purl pkg:maven/org.apache.tomcat/tomcat@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7few-6w74-43cm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.2
aliases CVE-2001-0917, GHSA-2w2w-cv3h-rr38
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ha-5mmp-r7df
14
url VCID-w6ay-nzvg-zbff
vulnerability_id VCID-w6ay-nzvg-zbff
summary 
Apache Tomcat Vulnerable to Denial of Service (DoS) via Simultaneous Requests
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-3510
reference_id
reference_type
scores
0
value 0.20508
scoring_system epss
scoring_elements 0.9567
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-3510
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
10
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
11
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
12
reference_url https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded
13
reference_url https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325
14
reference_url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded
15
reference_url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded
16
reference_url https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147
17
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
18
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
19
reference_url http://www.redhat.com/support/errata/RHSA-2006-0161.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2006-0161.html
20
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237085
reference_id 237085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237085
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510
reference_id CVE-2005-3510
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-3510
reference_id CVE-2005-3510
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2005-3510
24
reference_url https://github.com/advisories/GHSA-8f4w-jwqv-5cxc
reference_id GHSA-8f4w-jwqv-5cxc
reference_type
scores
url https://github.com/advisories/GHSA-8f4w-jwqv-5cxc
25
reference_url https://access.redhat.com/errata/RHSA-2006:0161
reference_id RHSA-2006:0161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0161
26
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.32
purl pkg:maven/org.apache.tomcat/tomcat@4.1.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4wj8-en12-uuch
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.32
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.12
purl pkg:maven/org.apache.tomcat/tomcat@5.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24v5-jpna-rqg9
1
vulnerability VCID-w6ay-nzvg-zbff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.12
2
url pkg:maven/org.apache.tomcat/tomcat@5.5.13%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.13%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.13%252C
aliases CVE-2005-3510, GHSA-8f4w-jwqv-5cxc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6ay-nzvg-zbff
15
url VCID-w8uj-zy2r-fyca
vulnerability_id VCID-w8uj-zy2r-fyca
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
references
0
reference_url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2008-0630.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2008-0630.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2449.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2449.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2449
reference_id
reference_type
scores
0
value 0.5214
scoring_system epss
scoring_elements 0.97969
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2449
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/34869
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/34869
7
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
12
reference_url http://support.apple.com/kb/HT2163
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT2163
13
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
14
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
15
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
16
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
17
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
18
reference_url http://www.redhat.com/support/errata/RHSA-2007-0569.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0569.html
19
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=244804
reference_id 244804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=244804
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
reference_id CVE-2007-2449
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-2449
reference_id CVE-2007-2449
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-2449
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30189.txt
reference_id CVE-2007-2449;OSVDB-36080
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30189.txt
24
reference_url https://www.securityfocus.com/bid/24476/info
reference_id CVE-2007-2449;OSVDB-36080
reference_type exploit
scores
url https://www.securityfocus.com/bid/24476/info
25
reference_url https://github.com/advisories/GHSA-hc39-rjwp-qffq
reference_id GHSA-hc39-rjwp-qffq
reference_type
scores
url https://github.com/advisories/GHSA-hc39-rjwp-qffq
26
reference_url https://access.redhat.com/errata/RHSA-2007:0569
reference_id RHSA-2007:0569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0569
27
reference_url https://access.redhat.com/errata/RHSA-2007:0876
reference_id RHSA-2007:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0876
28
reference_url https://access.redhat.com/errata/RHSA-2008:0630
reference_id RHSA-2008:0630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0630
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.37
purl pkg:maven/org.apache.tomcat/tomcat@4.1.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qrbz-jgfy-qqhm
1
vulnerability VCID-t4mh-zvhq-27du
2
vulnerability VCID-wg7f-pjmn-uudk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.37
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.25%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.25%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.25%252C
2
url pkg:maven/org.apache.tomcat/tomcat@6.0.14
purl pkg:maven/org.apache.tomcat/tomcat@6.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kxc3-vz2c-wqca
1
vulnerability VCID-qdvn-uc56-6fds
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.14
aliases CVE-2007-2449, GHSA-hc39-rjwp-qffq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w8uj-zy2r-fyca
16
url VCID-wpnp-3yad-ybcj
vulnerability_id VCID-wpnp-3yad-ybcj
summary 
Apache Tomcat Default Installation Reveals Sensitive Information
The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-2006
reference_id
reference_type
scores
0
value 0.32359
scoring_system epss
scoring_elements 0.96936
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-2006
1
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@<dev.tomcat.apache.org>
2
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@<dev.tomcat.apache.org>
3
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@<dev.tomcat.apache.org>
4
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
5
reference_url https://web.archive.org/web/20020602051837/http://archives.neohapsis.com/archives/bugtraq/2002-04/0311.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20020602051837/http://archives.neohapsis.com/archives/bugtraq/2002-04/0311.html
6
reference_url https://web.archive.org/web/20021026082659/http://online.securityfocus.com/bid/4575
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20021026082659/http://online.securityfocus.com/bid/4575
7
reference_url https://web.archive.org/web/20030104173336/http://www.iss.net/security_center/static/8932.php
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20030104173336/http://www.iss.net/security_center/static/8932.php
8
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006
reference_id CVE-2002-2006
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-2006
reference_id CVE-2002-2006
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-2006
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21412.txt
reference_id CVE-2002-2006;OSVDB-849
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21412.txt
12
reference_url https://www.securityfocus.com/bid/4575/info
reference_id CVE-2002-2006;OSVDB-849
reference_type exploit
scores
url https://www.securityfocus.com/bid/4575/info
13
reference_url https://github.com/advisories/GHSA-8g4f-fh7f-4fwh
reference_id GHSA-8g4f-fh7f-4fwh
reference_type
scores
url https://github.com/advisories/GHSA-8g4f-fh7f-4fwh
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.0
purl pkg:maven/org.apache.tomcat/tomcat@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24v5-jpna-rqg9
1
vulnerability VCID-284n-4e5d-d7gt
2
vulnerability VCID-2af1-rv9j-jugv
3
vulnerability VCID-2jws-wtvg-2khf
4
vulnerability VCID-5jm8-9upn-g7f4
5
vulnerability VCID-7787-4bwm-efgq
6
vulnerability VCID-7few-6w74-43cm
7
vulnerability VCID-96kt-5j22-pqg7
8
vulnerability VCID-96yu-fvee-wfbs
9
vulnerability VCID-ccfn-tde4-s7hr
10
vulnerability VCID-crhe-rt8j-wycu
11
vulnerability VCID-eygg-nt7y-qubh
12
vulnerability VCID-hmqa-jhuf-hfe2
13
vulnerability VCID-kaem-zczd-pyhu
14
vulnerability VCID-kua1-kn4q-7kd2
15
vulnerability VCID-kxc3-vz2c-wqca
16
vulnerability VCID-qdvn-uc56-6fds
17
vulnerability VCID-qrbz-jgfy-qqhm
18
vulnerability VCID-qz87-x4zb-rud7
19
vulnerability VCID-rdr4-db3y-p3cz
20
vulnerability VCID-rp5z-q8an-e3az
21
vulnerability VCID-rpqh-1b8p-dqcy
22
vulnerability VCID-sjn3-a6fs-gyck
23
vulnerability VCID-t4mh-zvhq-27du
24
vulnerability VCID-uwuf-vukf-cqck
25
vulnerability VCID-w6ay-nzvg-zbff
26
vulnerability VCID-w8uj-zy2r-fyca
27
vulnerability VCID-wg7f-pjmn-uudk
28
vulnerability VCID-ypuq-2mr2-sybb
29
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.0
aliases CVE-2002-2006, GHSA-8g4f-fh7f-4fwh
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpnp-3yad-ybcj
17
url VCID-x9v1-6ysy-bfcm
vulnerability_id VCID-x9v1-6ysy-bfcm
summary 
Apache Tomcat Denial of Service vulnerability in the Catalina package
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
references
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0866
reference_id
reference_type
scores
0
value 0.20413
scoring_system epss
scoring_elements 0.95655
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0866
2
reference_url http://secunia.com/advisories/30899
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/30899
3
reference_url http://secunia.com/advisories/30908
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/30908
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/13429
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/13429
5
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
8
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
9
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
10
reference_url http://www.debian.org/security/2003/dsa-395
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-395
11
reference_url http://www.securityfocus.com/bid/8824
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/8824
12
reference_url http://www.vupen.com/english/advisories/2008/1979/references
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2008/1979/references
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866
reference_id CVE-2003-0866
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0866
reference_id CVE-2003-0866
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0866
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/23245.pl
reference_id CVE-2003-0866;OSVDB-8772
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/23245.pl
16
reference_url https://www.securityfocus.com/bid/8824/info
reference_id CVE-2003-0866;OSVDB-8772
reference_type exploit
scores
url https://www.securityfocus.com/bid/8824/info
17
reference_url https://github.com/advisories/GHSA-7wj2-48c4-2684
reference_id GHSA-7wj2-48c4-2684
reference_type
scores
url https://github.com/advisories/GHSA-7wj2-48c4-2684
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.0
purl pkg:maven/org.apache.tomcat/tomcat@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24v5-jpna-rqg9
1
vulnerability VCID-284n-4e5d-d7gt
2
vulnerability VCID-2af1-rv9j-jugv
3
vulnerability VCID-2jws-wtvg-2khf
4
vulnerability VCID-5jm8-9upn-g7f4
5
vulnerability VCID-7787-4bwm-efgq
6
vulnerability VCID-7few-6w74-43cm
7
vulnerability VCID-96kt-5j22-pqg7
8
vulnerability VCID-96yu-fvee-wfbs
9
vulnerability VCID-ccfn-tde4-s7hr
10
vulnerability VCID-crhe-rt8j-wycu
11
vulnerability VCID-eygg-nt7y-qubh
12
vulnerability VCID-hmqa-jhuf-hfe2
13
vulnerability VCID-kaem-zczd-pyhu
14
vulnerability VCID-kua1-kn4q-7kd2
15
vulnerability VCID-kxc3-vz2c-wqca
16
vulnerability VCID-qdvn-uc56-6fds
17
vulnerability VCID-qrbz-jgfy-qqhm
18
vulnerability VCID-qz87-x4zb-rud7
19
vulnerability VCID-rdr4-db3y-p3cz
20
vulnerability VCID-rp5z-q8an-e3az
21
vulnerability VCID-rpqh-1b8p-dqcy
22
vulnerability VCID-sjn3-a6fs-gyck
23
vulnerability VCID-t4mh-zvhq-27du
24
vulnerability VCID-uwuf-vukf-cqck
25
vulnerability VCID-w6ay-nzvg-zbff
26
vulnerability VCID-w8uj-zy2r-fyca
27
vulnerability VCID-wg7f-pjmn-uudk
28
vulnerability VCID-ypuq-2mr2-sybb
29
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.0
aliases CVE-2003-0866, GHSA-7wj2-48c4-2684
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9v1-6ysy-bfcm
18
url VCID-zam7-79x3-ekg3
vulnerability_id VCID-zam7-79x3-ekg3
summary 
Improper Neutralization
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
references
0
reference_url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
1
reference_url http://docs.info.apple.com/article.html?artnum=306172
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://docs.info.apple.com/article.html?artnum=306172
2
reference_url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
4
reference_url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.vmware.com/pipermail/security-announce/2008/000003.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2090
reference_id
reference_type
scores
0
value 0.71377
scoring_system epss
scoring_elements 0.98739
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2090
7
reference_url http://seclists.org/lists/bugtraq/2005/Jun/0025.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/lists/bugtraq/2005/Jun/0025.html
8
reference_url http://securitytracker.com/id?1014365
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securitytracker.com/id?1014365
9
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
18
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499
19
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
20
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm
21
reference_url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
22
reference_url http://tomcat.apache.org/security-4.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-4.html
23
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
24
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
25
reference_url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html
26
reference_url http://www.redhat.com/support/errata/RHSA-2007-0327.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0327.html
27
reference_url http://www.redhat.com/support/errata/RHSA-2007-0360.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2007-0360.html
28
reference_url http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2008-0261.html
29
reference_url http://www.securiteam.com/securityreviews/5GP0220G0U.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securiteam.com/securityreviews/5GP0220G0U.html
30
reference_url http://www.securityfocus.com/archive/1/485938/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/485938/100/0/threaded
31
reference_url http://www.securityfocus.com/archive/1/500396/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500396/100/0/threaded
32
reference_url http://www.securityfocus.com/archive/1/500412/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/500412/100/0/threaded
33
reference_url http://www.securityfocus.com/bid/13873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/13873
34
reference_url http://www.securityfocus.com/bid/25159
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/25159
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=237079
reference_id 237079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=237079
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
reference_id CVE-2005-2090
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-2090
reference_id CVE-2005-2090
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2005-2090
38
reference_url https://github.com/advisories/GHSA-f2gq-p6qv-ccw4
reference_id GHSA-f2gq-p6qv-ccw4
reference_type
scores
url https://github.com/advisories/GHSA-f2gq-p6qv-ccw4
39
reference_url https://access.redhat.com/errata/RHSA-2007:0360
reference_id RHSA-2007:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0360
40
reference_url https://access.redhat.com/errata/RHSA-2007:1069
reference_id RHSA-2007:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:1069
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.1.36
purl pkg:maven/org.apache.tomcat/tomcat@4.1.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96yu-fvee-wfbs
1
vulnerability VCID-kaem-zczd-pyhu
2
vulnerability VCID-kxc3-vz2c-wqca
3
vulnerability VCID-qdvn-uc56-6fds
4
vulnerability VCID-qz87-x4zb-rud7
5
vulnerability VCID-sjn3-a6fs-gyck
6
vulnerability VCID-uwuf-vukf-cqck
7
vulnerability VCID-w8uj-zy2r-fyca
8
vulnerability VCID-ypuq-2mr2-sybb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.36
1
url pkg:maven/org.apache.tomcat/tomcat@5.5.23%2C
purl pkg:maven/org.apache.tomcat/tomcat@5.5.23%2C
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.23%252C
2
url pkg:maven/org.apache.tomcat/tomcat@6.0.11
purl pkg:maven/org.apache.tomcat/tomcat@6.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.11
aliases CVE-2005-2090, GHSA-f2gq-p6qv-ccw4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zam7-79x3-ekg3
Fixing_vulnerabilities
0
url VCID-gxnk-sfnf-z3f9
vulnerability_id VCID-gxnk-sfnf-z3f9
summary Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
references
0
reference_url http://marc.info/?l=bugtraq&m=101709002410365&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=101709002410365&w=2
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0493
reference_id
reference_type
scores
0
value 0.0144
scoring_system epss
scoring_elements 0.81064
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0493
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
6
reference_url https://web.archive.org/web/20020903071650/http://www.iss.net/security_center/static/9863.php
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20020903071650/http://www.iss.net/security_center/static/9863.php
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493
reference_id CVE-2002-0493
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-0493
reference_id CVE-2002-0493
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2002-0493
9
reference_url https://github.com/advisories/GHSA-p543-jg43-9pm5
reference_id GHSA-p543-jg43-9pm5
reference_type
scores
url https://github.com/advisories/GHSA-p543-jg43-9pm5
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@4.0b7
purl pkg:maven/org.apache.tomcat/tomcat@4.0b7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0b7
1
url pkg:maven/org.apache.tomcat/tomcat@4.0.0
purl pkg:maven/org.apache.tomcat/tomcat@4.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-24v5-jpna-rqg9
1
vulnerability VCID-284n-4e5d-d7gt
2
vulnerability VCID-2af1-rv9j-jugv
3
vulnerability VCID-2jws-wtvg-2khf
4
vulnerability VCID-7few-6w74-43cm
5
vulnerability VCID-aywp-amq3-yyes
6
vulnerability VCID-ccfn-tde4-s7hr
7
vulnerability VCID-hxer-p6va-7kdh
8
vulnerability VCID-kua1-kn4q-7kd2
9
vulnerability VCID-kxc3-vz2c-wqca
10
vulnerability VCID-rp5z-q8an-e3az
11
vulnerability VCID-rpqh-1b8p-dqcy
12
vulnerability VCID-sjn3-a6fs-gyck
13
vulnerability VCID-u9ha-5mmp-r7df
14
vulnerability VCID-w6ay-nzvg-zbff
15
vulnerability VCID-w8uj-zy2r-fyca
16
vulnerability VCID-wpnp-3yad-ybcj
17
vulnerability VCID-x9v1-6ysy-bfcm
18
vulnerability VCID-zam7-79x3-ekg3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.0
aliases CVE-2002-0493, GHSA-p543-jg43-9pm5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxnk-sfnf-z3f9
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.0.0