Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tomcat/servlet-api@4.1.37
Type maven
Namespace org.apache.tomcat
Name servlet-api
Version 4.1.37
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 4.1.37
Latest_non_vulnerable_version 6.0.11
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-ypuq-2mr2-sybb
vulnerability_id VCID-ypuq-2mr2-sybb
summary
Apache Tomcat Vulnerable to Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
references
0
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/34377
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/34377
1
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
url https://github.com/apache/tomcat
2
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
8
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111
9
reference_url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1355
reference_id CVE-2007-1355
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2007-1355
11
reference_url https://github.com/advisories/GHSA-4c6x-gfc8-c26r
reference_id GHSA-4c6x-gfc8-c26r
reference_type
scores
url https://github.com/advisories/GHSA-4c6x-gfc8-c26r
fixed_packages
0
url pkg:maven/org.apache.tomcat/servlet-api@4.1.37
purl pkg:maven/org.apache.tomcat/servlet-api@4.1.37
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/servlet-api@4.1.37
1
url pkg:maven/org.apache.tomcat/servlet-api@5.5.24
purl pkg:maven/org.apache.tomcat/servlet-api@5.5.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/servlet-api@5.5.24
2
url pkg:maven/org.apache.tomcat/servlet-api@6.0.11
purl pkg:maven/org.apache.tomcat/servlet-api@6.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/servlet-api@6.0.11
aliases CVE-2007-1355, GHSA-4c6x-gfc8-c26r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ypuq-2mr2-sybb
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/servlet-api@4.1.37