Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@8.0.0-RC3
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version8.0.0-RC3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.118
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-3txt-1psa-5kf5
vulnerability_id VCID-3txt-1psa-5kf5
summary 
Denial of service
`MultipartStream.java` in this package allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted `Content-Type` header that bypasses a loop's intended exit conditions.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0110.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0110.html
1
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
2
reference_url http://jvn.jp/en/jp/JVN14876762/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN14876762/index.html
3
reference_url http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
4
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
5
reference_url http://marc.info/?l=bugtraq&m=143136844732487&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=143136844732487&w=2
6
reference_url http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-0252.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0252.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-0253.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0253.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-0400.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0400.html
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0050
reference_id
reference_type
scores
0
value 0.9265
scoring_system epss
scoring_elements 0.9976
published_at 2026-06-08T12:55:00Z
1
value 0.92712
scoring_system epss
scoring_elements 0.99763
published_at 2026-06-04T12:55:00Z
2
value 0.92712
scoring_system epss
scoring_elements 0.99764
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0050
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1062337
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1062337
13
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
14
reference_url http://secunia.com/advisories/57915
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57915
15
reference_url http://secunia.com/advisories/58075
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/58075
16
reference_url http://secunia.com/advisories/58976
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/58976
17
reference_url http://secunia.com/advisories/59039
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59039
18
reference_url http://secunia.com/advisories/59041
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59041
19
reference_url http://secunia.com/advisories/59183
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59183
20
reference_url http://secunia.com/advisories/59184
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59184
21
reference_url http://secunia.com/advisories/59185
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59185
22
reference_url http://secunia.com/advisories/59187
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59187
23
reference_url http://secunia.com/advisories/59232
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59232
24
reference_url http://secunia.com/advisories/59399
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59399
25
reference_url http://secunia.com/advisories/59492
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59492
26
reference_url http://secunia.com/advisories/59500
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59500
27
reference_url http://secunia.com/advisories/59725
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59725
28
reference_url http://secunia.com/advisories/60475
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60475
29
reference_url http://secunia.com/advisories/60753
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60753
30
reference_url https://github.com/apache/commons-fileupload
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload
31
reference_url https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
32
reference_url https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
33
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
34
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
35
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
36
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565143
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565143
37
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565163
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565163
38
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565169
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565169
39
reference_url https://svn.apache.org/viewvc?view=rev&rev=1565163
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1565163
40
reference_url https://svn.apache.org/viewvc?view=rev&rev=1565169
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1565169
41
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
42
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
43
reference_url http://struts.apache.org/docs/s2-020.html
reference_id
reference_type
scores
url http://struts.apache.org/docs/s2-020.html
44
reference_url http://svn.apache.org/r1565143
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/r1565143
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1565143
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1565143
46
reference_url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
reference_id
reference_type
scores
url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
47
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
48
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
49
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21669554
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21669554
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675432
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675432
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676091
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676091
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676092
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676092
53
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676401
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676401
54
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676403
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676403
55
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676405
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676405
56
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676410
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676410
57
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676656
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676656
58
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676853
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676853
59
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677691
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677691
60
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677724
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677724
61
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681214
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681214
62
reference_url http://www.debian.org/security/2014/dsa-2856
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2856
63
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
64
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
65
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
66
reference_url http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
67
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
68
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
69
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
70
reference_url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
71
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
72
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
73
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
74
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
75
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
76
reference_url http://www.securityfocus.com/archive/1/532549/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532549/100/0/threaded
77
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
78
reference_url http://www.securityfocus.com/bid/65400
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/65400
79
reference_url http://www.ubuntu.com/usn/USN-2130-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2130-1
80
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0007.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0007.html
81
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
82
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
83
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
reference_id CVE-2014-0050
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
84
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0050
reference_id CVE-2014-0050
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0050
85
reference_url http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
reference_id CVE-2014-0050-EXPLOIT-WITH-BOUNDARIES-LOOPS-WITHOUT-BOUNDARIES.HTML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
86
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
reference_id CVE-2014-0050;OSVDB-102945
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
87
reference_url https://github.com/advisories/GHSA-xx68-jfcg-xmmf
reference_id GHSA-xx68-jfcg-xmmf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xx68-jfcg-xmmf
88
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
89
reference_url https://access.redhat.com/errata/RHSA-2014:0252
reference_id RHSA-2014:0252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0252
90
reference_url https://access.redhat.com/errata/RHSA-2014:0253
reference_id RHSA-2014:0253
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0253
91
reference_url https://access.redhat.com/errata/RHSA-2014:0373
reference_id RHSA-2014:0373
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0373
92
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
93
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
94
reference_url https://access.redhat.com/errata/RHSA-2014:0429
reference_id RHSA-2014:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0429
95
reference_url https://access.redhat.com/errata/RHSA-2014:0452
reference_id RHSA-2014:0452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0452
96
reference_url https://access.redhat.com/errata/RHSA-2014:0459
reference_id RHSA-2014:0459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0459
97
reference_url https://access.redhat.com/errata/RHSA-2014:0473
reference_id RHSA-2014:0473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0473
98
reference_url https://access.redhat.com/errata/RHSA-2014:0525
reference_id RHSA-2014:0525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0525
99
reference_url https://access.redhat.com/errata/RHSA-2014:0526
reference_id RHSA-2014:0526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0526
100
reference_url https://access.redhat.com/errata/RHSA-2014:0527
reference_id RHSA-2014:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0527
101
reference_url https://access.redhat.com/errata/RHSA-2014:0528
reference_id RHSA-2014:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0528
102
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
103
reference_url https://usn.ubuntu.com/2130-1/
reference_id USN-2130-1
reference_type
scores
url https://usn.ubuntu.com/2130-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.0.3
purl pkg:maven/org.apache.tomcat/tomcat@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2kjh-4r2g-rqe6
2
vulnerability VCID-5m85-3zyu-7qak
3
vulnerability VCID-5udv-rheh-kqfy
4
vulnerability VCID-6umz-z8db-kqcy
5
vulnerability VCID-6uuq-2a39-yubx
6
vulnerability VCID-937w-2w2q-7fdy
7
vulnerability VCID-axzz-cadr-b7fv
8
vulnerability VCID-cugj-j48z-jub5
9
vulnerability VCID-e2gy-1c6a-6fdf
10
vulnerability VCID-fqyx-8pgs-uqgg
11
vulnerability VCID-fukm-h3r6-s7cr
12
vulnerability VCID-g3vd-74yh-s7bn
13
vulnerability VCID-gmjm-6ck2-skgu
14
vulnerability VCID-hqzu-shyu-j3hp
15
vulnerability VCID-j1m6-79yt-f7h5
16
vulnerability VCID-jzta-navk-87bn
17
vulnerability VCID-n4zk-mdyw-3fcz
18
vulnerability VCID-nnye-4xbb-kuf5
19
vulnerability VCID-pq53-6deg-abfx
20
vulnerability VCID-q7g1-m4e7-pya4
21
vulnerability VCID-rtmv-qetu-yqfa
22
vulnerability VCID-s37s-p75k-27e6
23
vulnerability VCID-se44-f85s-xyex
24
vulnerability VCID-tcmv-6ftg-fqen
25
vulnerability VCID-u95s-xhwk-vka6
26
vulnerability VCID-vu84-dfwa-z3dg
27
vulnerability VCID-xjj5-fy4e-e7ha
28
vulnerability VCID-xvz4-nm7g-2fee
29
vulnerability VCID-y9hs-ymcm-3ucx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.3
aliases CVE-2014-0050, GHSA-xx68-jfcg-xmmf
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3txt-1psa-5kf5
1
url VCID-4qcn-52ug-mbd5
vulnerability_id VCID-4qcn-52ug-mbd5
summary 
Improper Input Validation
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0148.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0148.html
1
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4322.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4322.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4322
reference_id
reference_type
scores
0
value 0.36275
scoring_system epss
scoring_elements 0.97204
published_at 2026-06-08T12:55:00Z
1
value 0.36664
scoring_system epss
scoring_elements 0.97229
published_at 2026-06-06T12:55:00Z
2
value 0.36664
scoring_system epss
scoring_elements 0.97223
published_at 2026-06-04T12:55:00Z
3
value 0.36664
scoring_system epss
scoring_elements 0.97227
published_at 2026-06-05T12:55:00Z
4
value 0.36664
scoring_system epss
scoring_elements 0.9723
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4322
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1069905
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1069905
5
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
6
reference_url http://secunia.com/advisories/59036
reference_id
reference_type
scores
url http://secunia.com/advisories/59036
7
reference_url http://secunia.com/advisories/59675
reference_id
reference_type
scores
url http://secunia.com/advisories/59675
8
reference_url http://secunia.com/advisories/59722
reference_id
reference_type
scores
url http://secunia.com/advisories/59722
9
reference_url http://secunia.com/advisories/59724
reference_id
reference_type
scores
url http://secunia.com/advisories/59724
10
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
url http://secunia.com/advisories/59873
11
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
12
reference_url https://github.com/apache/tomcat70/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
13
reference_url https://github.com/apache/tomcat70/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
14
reference_url https://github.com/apache/tomcat/commit/70dc3b279f7c99136c2c51bce8812508b4893c8b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/70dc3b279f7c99136c2c51bce8812508b4893c8b
15
reference_url https://github.com/apache/tomcat/commit/72613a0e2f88af789c2acc7093c82ff02b95b6d1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/72613a0e2f88af789c2acc7093c82ff02b95b6d1
16
reference_url https://github.com/apache/tomcat/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
17
reference_url https://github.com/apache/tomcat/commit/b8cb9f5f91e9210ca107fd80f3e6acd47531daa7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b8cb9f5f91e9210ca107fd80f3e6acd47531daa7
18
reference_url https://github.com/apache/tomcat/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
19
reference_url https://github.com/apache/tomcat/commit/d6a9898125f34e593de426e8c7dabb0f224fc00f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d6a9898125f34e593de426e8c7dabb0f224fc00f
20
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
21
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
27
reference_url https://rhn.redhat.com/errata/RHSA-2014-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2014-0686.html
28
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521834
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521834
29
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521864
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521864
30
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549522
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549522
31
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549523
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549523
32
reference_url https://svn.apache.org/viewvc?view=rev&rev=1556540
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1556540
33
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521834
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521834
34
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521864
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521864
35
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549522
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549522
36
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549523
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549523
37
reference_url http://svn.apache.org/viewvc?view=revision&revision=1556540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1556540
38
reference_url https://web.archive.org/web/20140315211337/http://www.securityfocus.com/bid/65767
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140315211337/http://www.securityfocus.com/bid/65767
39
reference_url https://web.archive.org/web/20150503090027/http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150503090027/http://www.securityfocus.com/archive/1/534161/100/0/threaded
40
reference_url https://web.archive.org/web/20151023203543/http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151023203543/http://secunia.com/advisories/59873
41
reference_url https://web.archive.org/web/20161024215620/http://secunia.com/advisories/59036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215620/http://secunia.com/advisories/59036
42
reference_url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
43
reference_url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
44
reference_url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
45
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
46
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
47
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
48
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
49
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
53
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
54
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
55
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
56
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
57
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
58
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
59
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
60
reference_url http://www.securityfocus.com/bid/65767
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65767
61
reference_url http://www.ubuntu.com/usn/USN-2130-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2130-1
62
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
63
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
64
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
reference_id CVE-2013-4322
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
65
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4322
reference_id CVE-2013-4322
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4322
66
reference_url https://github.com/advisories/GHSA-wq2p-q66w-q8gp
reference_id GHSA-wq2p-q66w-q8gp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wq2p-q66w-q8gp
67
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
68
reference_url https://access.redhat.com/errata/RHSA-2014:0429
reference_id RHSA-2014:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0429
69
reference_url https://access.redhat.com/errata/RHSA-2014:0525
reference_id RHSA-2014:0525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0525
70
reference_url https://access.redhat.com/errata/RHSA-2014:0526
reference_id RHSA-2014:0526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0526
71
reference_url https://access.redhat.com/errata/RHSA-2014:0527
reference_id RHSA-2014:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0527
72
reference_url https://access.redhat.com/errata/RHSA-2014:0528
reference_id RHSA-2014:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0528
73
reference_url https://access.redhat.com/errata/RHSA-2014:0686
reference_id RHSA-2014:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0686
74
reference_url https://usn.ubuntu.com/2130-1/
reference_id USN-2130-1
reference_type
scores
url https://usn.ubuntu.com/2130-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3txt-1psa-5kf5
1
vulnerability VCID-cugj-j48z-jub5
2
vulnerability VCID-fqyx-8pgs-uqgg
3
vulnerability VCID-y9hs-ymcm-3ucx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
aliases CVE-2013-4322, GHSA-wq2p-q66w-q8gp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qcn-52ug-mbd5
2
url VCID-cugj-j48z-jub5
vulnerability_id VCID-cugj-j48z-jub5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.38946
published_at 2026-06-05T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.38895
published_at 2026-06-08T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.38923
published_at 2026-06-07T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.38951
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
5
reference_url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
6
reference_url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
7
reference_url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
8
reference_url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
9
reference_url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
10
reference_url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:33:19Z/
url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
12
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
13
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
14
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
15
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
16
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/20
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
reference_id 2457040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
reference_id CVE-2026-24880
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
21
reference_url https://github.com/advisories/GHSA-563x-q5rq-57qp
reference_id GHSA-563x-q5rq-57qp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-563x-q5rq-57qp
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qsf-yxnk-fqhy
1
vulnerability VCID-2s6w-bbfa-afb8
2
vulnerability VCID-5tsf-py3f-skd9
3
vulnerability VCID-nqgv-hbwa-d3en
4
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.52
purl pkg:maven/org.apache.tomcat/tomcat@10.1.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qsf-yxnk-fqhy
1
vulnerability VCID-2s6w-bbfa-afb8
2
vulnerability VCID-8qk1-ufax-eugz
3
vulnerability VCID-cugj-j48z-jub5
4
vulnerability VCID-gw94-yyjd-17er
5
vulnerability VCID-j493-xan3-myfm
6
vulnerability VCID-nqgv-hbwa-d3en
7
vulnerability VCID-nsp7-e9m6-juhv
8
vulnerability VCID-s5kh-nebr-tba9
9
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.52
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qsf-yxnk-fqhy
1
vulnerability VCID-2s6w-bbfa-afb8
2
vulnerability VCID-5tsf-py3f-skd9
3
vulnerability VCID-nqgv-hbwa-d3en
4
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qsf-yxnk-fqhy
1
vulnerability VCID-2s6w-bbfa-afb8
2
vulnerability VCID-5tsf-py3f-skd9
3
vulnerability VCID-nqgv-hbwa-d3en
4
vulnerability VCID-z8df-aq4y-ubet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2026-24880, GHSA-563x-q5rq-57qp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cugj-j48z-jub5
3
url VCID-fqyx-8pgs-uqgg
vulnerability_id VCID-fqyx-8pgs-uqgg
summary A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.4034
published_at 2026-06-08T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40314
published_at 2026-06-04T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40394
published_at 2026-06-05T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40397
published_at 2026-06-06T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40369
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
3
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1172405
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1172405
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
reference_id 1852863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
reference_id CVE-2020-8022
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
11
reference_url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
reference_id GHSA-gc58-v8h3-x2gr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.0.53
purl pkg:maven/org.apache.tomcat/tomcat@8.0.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5udv-rheh-kqfy
1
vulnerability VCID-cugj-j48z-jub5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.53
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.35
purl pkg:maven/org.apache.tomcat/tomcat@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qsf-yxnk-fqhy
1
vulnerability VCID-2qhv-x4j1-jqa7
2
vulnerability VCID-4q7w-adqc-kydu
3
vulnerability VCID-71mw-xrnv-9kec
4
vulnerability VCID-9awt-9zjq-yucn
5
vulnerability VCID-cugj-j48z-jub5
6
vulnerability VCID-d8re-94xd-nycp
7
vulnerability VCID-dbu6-fhrs-aubn
8
vulnerability VCID-dk58-p9py-rka9
9
vulnerability VCID-dxkq-jhq6-qbad
10
vulnerability VCID-essq-6syu-6ygm
11
vulnerability VCID-gw94-yyjd-17er
12
vulnerability VCID-hssj-zqwx-9bc9
13
vulnerability VCID-kqng-d1f2-myg5
14
vulnerability VCID-nqgv-hbwa-d3en
15
vulnerability VCID-qth9-7326-hffp
16
vulnerability VCID-urhs-6aus-syb1
17
vulnerability VCID-vvqm-vk3g-kuh8
18
vulnerability VCID-wmrh-m1m3-uyav
19
vulnerability VCID-wyf8-8szf-qbfn
20
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.35
aliases CVE-2020-8022, GHSA-gc58-v8h3-x2gr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqyx-8pgs-uqgg
4
url VCID-sk1w-8yt4-93cv
vulnerability_id VCID-sk1w-8yt4-93cv
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0148.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0148.html
1
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4590.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4590.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4590
reference_id
reference_type
scores
0
value 0.00662
scoring_system epss
scoring_elements 0.71566
published_at 2026-06-08T12:55:00Z
1
value 0.00922
scoring_system epss
scoring_elements 0.76391
published_at 2026-06-07T12:55:00Z
2
value 0.00922
scoring_system epss
scoring_elements 0.76401
published_at 2026-06-06T12:55:00Z
3
value 0.00922
scoring_system epss
scoring_elements 0.76399
published_at 2026-06-05T12:55:00Z
4
value 0.00922
scoring_system epss
scoring_elements 0.76372
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4590
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1069911
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1069911
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat70/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
7
reference_url https://github.com/apache/tomcat/commit/05c84ff8304a69a30b251f207a7b93c2c882564d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/05c84ff8304a69a30b251f207a7b93c2c882564d
8
reference_url https://github.com/apache/tomcat/commit/78dd7e6f3d8481bc3bcd71ca5b20296de1283888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/78dd7e6f3d8481bc3bcd71ca5b20296de1283888
9
reference_url https://github.com/apache/tomcat/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
10
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
11
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
17
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549528
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549528
18
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549529
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549529
19
reference_url https://svn.apache.org/viewvc?view=rev&rev=1558828
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1558828
20
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549528
21
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549529
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549529
22
reference_url http://svn.apache.org/viewvc?view=revision&revision=1558828
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1558828
23
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
24
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
25
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
26
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
27
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
28
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
29
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
30
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
31
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
32
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
33
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
reference_id CVE-2013-4590
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4590
reference_id CVE-2013-4590
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4590
36
reference_url https://github.com/advisories/GHSA-87w9-x2c3-hrjj
reference_id GHSA-87w9-x2c3-hrjj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-87w9-x2c3-hrjj
37
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
38
reference_url https://access.redhat.com/errata/RHSA-2014:1038
reference_id RHSA-2014:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1038
39
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
40
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
41
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3txt-1psa-5kf5
1
vulnerability VCID-cugj-j48z-jub5
2
vulnerability VCID-fqyx-8pgs-uqgg
3
vulnerability VCID-y9hs-ymcm-3ucx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC10
aliases CVE-2013-4590, GHSA-87w9-x2c3-hrjj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sk1w-8yt4-93cv
5
url VCID-y9hs-ymcm-3ucx
vulnerability_id VCID-y9hs-ymcm-3ucx
summary 
Improper Input Validation
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0244.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0244.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0245.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0245.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0246.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0246.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0247.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0247.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0250.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0250.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0457.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0457.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2017-0527.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://rhn.redhat.com/errata/RHSA-2017-0527.html
7
reference_url https://access.redhat.com/errata/RHSA-2017:0455
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://access.redhat.com/errata/RHSA-2017:0455
8
reference_url https://access.redhat.com/errata/RHSA-2017:0456
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://access.redhat.com/errata/RHSA-2017:0456
9
reference_url https://access.redhat.com/errata/RHSA-2017:0935
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://access.redhat.com/errata/RHSA-2017:0935
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6816.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6816.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6816
reference_id
reference_type
scores
0
value 0.0326
scoring_system epss
scoring_elements 0.874
published_at 2026-06-06T12:55:00Z
1
value 0.0326
scoring_system epss
scoring_elements 0.87397
published_at 2026-06-08T12:55:00Z
2
value 0.0326
scoring_system epss
scoring_elements 0.87402
published_at 2026-06-05T12:55:00Z
3
value 0.0326
scoring_system epss
scoring_elements 0.8738
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6816
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://github.com/apache/tomcat70/commit/cdc0a935c2173aff60039a0b85e57a461381107c
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/cdc0a935c2173aff60039a0b85e57a461381107c
16
reference_url https://github.com/apache/tomcat80/commit/779d5d34e68e50d2f721897050b147106992f566
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/779d5d34e68e50d2f721897050b147106992f566
17
reference_url https://github.com/apache/tomcat85/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256
reference_id
reference_type
scores
url https://github.com/apache/tomcat85/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256
18
reference_url https://github.com/apache/tomcat/commit/516bda676ac8d0284da3e0295a7df70391315360
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/516bda676ac8d0284da3e0295a7df70391315360
19
reference_url https://github.com/apache/tomcat/commit/cdc0a935c2173aff60039a0b85e57a461381107c
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cdc0a935c2173aff60039a0b85e57a461381107c
20
reference_url https://github.com/apache/tomcat/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256
21
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
49
reference_url https://security.netapp.com/advisory/ntap-20180607-0001
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180607-0001
50
reference_url https://security.netapp.com/advisory/ntap-20180607-0001/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://security.netapp.com/advisory/ntap-20180607-0001/
51
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767641
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1767641
52
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767645
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1767645
53
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767653
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1767653
54
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767675
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1767675
55
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767683
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1767683
56
reference_url https://svn.apache.org/viewvc?view=rev&rev=1767641
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1767641
57
reference_url https://svn.apache.org/viewvc?view=rev&rev=1767645
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1767645
58
reference_url https://svn.apache.org/viewvc?view=rev&rev=1767653
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1767653
59
reference_url https://svn.apache.org/viewvc?view=rev&rev=1767675
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1767675
60
reference_url https://svn.apache.org/viewvc?view=rev&rev=1767683
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1767683
61
reference_url https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48
62
reference_url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73
63
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39
64
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8
65
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13
66
reference_url https://usn.ubuntu.com/4557-1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4557-1
67
reference_url https://usn.ubuntu.com/4557-1/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://usn.ubuntu.com/4557-1/
68
reference_url https://web.archive.org/web/20161204121236/http://www.securityfocus.com/bid/94461
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161204121236/http://www.securityfocus.com/bid/94461
69
reference_url https://web.archive.org/web/20170929085438/http://www.securitytracker.com/id/1037332
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170929085438/http://www.securitytracker.com/id/1037332
70
reference_url https://www.exploit-db.com/exploits/41783
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/41783
71
reference_url https://www.exploit-db.com/exploits/41783/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url https://www.exploit-db.com/exploits/41783/
72
reference_url http://www.debian.org/security/2016/dsa-3738
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://www.debian.org/security/2016/dsa-3738
73
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
74
reference_url http://www.securitytracker.com/id/1037332
reference_id 1037332
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://www.securitytracker.com/id/1037332
75
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1397484
reference_id 1397484
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1397484
76
reference_url http://www.securityfocus.com/bid/94461
reference_id 94461
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/
url http://www.securityfocus.com/bid/94461
77
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816
reference_id CVE-2016-6816
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816
78
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41783.txt
reference_id CVE-2016-6816
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41783.txt
79
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6816
reference_id CVE-2016-6816
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6816
80
reference_url https://github.com/advisories/GHSA-jc7p-5r39-9477
reference_id GHSA-jc7p-5r39-9477
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jc7p-5r39-9477
81
reference_url https://access.redhat.com/errata/RHSA-2017:0244
reference_id RHSA-2017:0244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0244
82
reference_url https://access.redhat.com/errata/RHSA-2017:0245
reference_id RHSA-2017:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0245
83
reference_url https://access.redhat.com/errata/RHSA-2017:0246
reference_id RHSA-2017:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0246
84
reference_url https://access.redhat.com/errata/RHSA-2017:0247
reference_id RHSA-2017:0247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0247
85
reference_url https://access.redhat.com/errata/RHSA-2017:0250
reference_id RHSA-2017:0250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0250
86
reference_url https://access.redhat.com/errata/RHSA-2017:0457
reference_id RHSA-2017:0457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0457
87
reference_url https://access.redhat.com/errata/RHSA-2017:0527
reference_id RHSA-2017:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0527
88
reference_url https://usn.ubuntu.com/3177-1/
reference_id USN-3177-1
reference_type
scores
url https://usn.ubuntu.com/3177-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.0.39
purl pkg:maven/org.apache.tomcat/tomcat@8.0.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5udv-rheh-kqfy
1
vulnerability VCID-cugj-j48z-jub5
2
vulnerability VCID-fqyx-8pgs-uqgg
3
vulnerability VCID-g3vd-74yh-s7bn
4
vulnerability VCID-gmjm-6ck2-skgu
5
vulnerability VCID-hqzu-shyu-j3hp
6
vulnerability VCID-q7g1-m4e7-pya4
7
vulnerability VCID-rtmv-qetu-yqfa
8
vulnerability VCID-se44-f85s-xyex
9
vulnerability VCID-u95s-xhwk-vka6
10
vulnerability VCID-vu84-dfwa-z3dg
11
vulnerability VCID-xa95-zsnk-3kg9
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.39
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.8
purl pkg:maven/org.apache.tomcat/tomcat@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kgu-zupu-tydw
1
vulnerability VCID-2qhv-x4j1-jqa7
2
vulnerability VCID-3nsr-9s9y-ckft
3
vulnerability VCID-3tme-zh53-7ubx
4
vulnerability VCID-4nx6-t8vd-bqcu
5
vulnerability VCID-4q7w-adqc-kydu
6
vulnerability VCID-59dd-qzpt-aucm
7
vulnerability VCID-5udv-rheh-kqfy
8
vulnerability VCID-8xdc-3kn9-b3e6
9
vulnerability VCID-ct4z-hxx3-53bw
10
vulnerability VCID-cugj-j48z-jub5
11
vulnerability VCID-d8re-94xd-nycp
12
vulnerability VCID-dast-z2hv-2yfe
13
vulnerability VCID-dbu6-fhrs-aubn
14
vulnerability VCID-dk58-p9py-rka9
15
vulnerability VCID-dxkq-jhq6-qbad
16
vulnerability VCID-essq-6syu-6ygm
17
vulnerability VCID-g3vd-74yh-s7bn
18
vulnerability VCID-gmjm-6ck2-skgu
19
vulnerability VCID-hqzu-shyu-j3hp
20
vulnerability VCID-kqng-d1f2-myg5
21
vulnerability VCID-nndc-pabd-nbgf
22
vulnerability VCID-nxb3-55eu-auhp
23
vulnerability VCID-q7g1-m4e7-pya4
24
vulnerability VCID-qth9-7326-hffp
25
vulnerability VCID-rbvh-4npk-nub9
26
vulnerability VCID-rk89-9dw5-w3gg
27
vulnerability VCID-rtmv-qetu-yqfa
28
vulnerability VCID-se44-f85s-xyex
29
vulnerability VCID-u95s-xhwk-vka6
30
vulnerability VCID-urhs-6aus-syb1
31
vulnerability VCID-vu84-dfwa-z3dg
32
vulnerability VCID-webw-gryb-7ucv
33
vulnerability VCID-wmb3-3j7y-due7
34
vulnerability VCID-wmrh-m1m3-uyav
35
vulnerability VCID-wyf8-8szf-qbfn
36
vulnerability VCID-xa95-zsnk-3kg9
37
vulnerability VCID-xns8-63b5-guf2
38
vulnerability VCID-zba8-2zc4-9qfh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.8
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13
purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kgu-zupu-tydw
1
vulnerability VCID-3nsr-9s9y-ckft
2
vulnerability VCID-4nx6-t8vd-bqcu
3
vulnerability VCID-5udv-rheh-kqfy
4
vulnerability VCID-71mw-xrnv-9kec
5
vulnerability VCID-ct4z-hxx3-53bw
6
vulnerability VCID-cugj-j48z-jub5
7
vulnerability VCID-d8re-94xd-nycp
8
vulnerability VCID-dast-z2hv-2yfe
9
vulnerability VCID-dxkq-jhq6-qbad
10
vulnerability VCID-gmjm-6ck2-skgu
11
vulnerability VCID-gw94-yyjd-17er
12
vulnerability VCID-hqzu-shyu-j3hp
13
vulnerability VCID-kqng-d1f2-myg5
14
vulnerability VCID-nndc-pabd-nbgf
15
vulnerability VCID-rbvh-4npk-nub9
16
vulnerability VCID-rk89-9dw5-w3gg
17
vulnerability VCID-se44-f85s-xyex
18
vulnerability VCID-urhs-6aus-syb1
19
vulnerability VCID-wyf8-8szf-qbfn
20
vulnerability VCID-xa95-zsnk-3kg9
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13
aliases CVE-2016-6816, GHSA-jc7p-5r39-9477
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9hs-ymcm-3ucx
Fixing_vulnerabilities
0
url VCID-yusx-ncpv-sfhg
vulnerability_id VCID-yusx-ncpv-sfhg
summary 
Improper Input Validation
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0148.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0148.html
1
reference_url http://marc.info/?l=bugtraq&m=141390017113542&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141390017113542&w=2
2
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-0343.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0343.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-0344.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0344.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-0345.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0345.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4286.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4286.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4286
reference_id
reference_type
scores
0
value 0.23601
scoring_system epss
scoring_elements 0.96094
published_at 2026-06-06T12:55:00Z
1
value 0.23601
scoring_system epss
scoring_elements 0.96095
published_at 2026-06-07T12:55:00Z
2
value 0.23601
scoring_system epss
scoring_elements 0.96086
published_at 2026-06-04T12:55:00Z
3
value 0.23601
scoring_system epss
scoring_elements 0.96091
published_at 2026-06-05T12:55:00Z
4
value 0.27776
scoring_system epss
scoring_elements 0.96554
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4286
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1069921
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1069921
9
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2014/Dec/23
10
reference_url http://secunia.com/advisories/57675
reference_id
reference_type
scores
url http://secunia.com/advisories/57675
11
reference_url http://secunia.com/advisories/59036
reference_id
reference_type
scores
url http://secunia.com/advisories/59036
12
reference_url http://secunia.com/advisories/59675
reference_id
reference_type
scores
url http://secunia.com/advisories/59675
13
reference_url http://secunia.com/advisories/59722
reference_id
reference_type
scores
url http://secunia.com/advisories/59722
14
reference_url http://secunia.com/advisories/59724
reference_id
reference_type
scores
url http://secunia.com/advisories/59724
15
reference_url http://secunia.com/advisories/59733
reference_id
reference_type
scores
url http://secunia.com/advisories/59733
16
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
url http://secunia.com/advisories/59873
17
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
18
reference_url https://github.com/apache/tomcat70/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315
19
reference_url https://github.com/apache/tomcat80/commit/ff00954b78e6484e40f323c0cef2e6d95c2882b9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/ff00954b78e6484e40f323c0cef2e6d95c2882b9
20
reference_url https://github.com/apache/tomcat/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315
21
reference_url https://github.com/apache/tomcat/commit/7c040003f1387795356605566be7870cf70e05dc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7c040003f1387795356605566be7870cf70e05dc
22
reference_url https://github.com/apache/tomcat/commit/bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa
23
reference_url https://github.com/apache/tomcat/commit/d0b3e252eb168fafbfb4c3efc16d4192fc8fad6c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d0b3e252eb168fafbfb4c3efc16d4192fc8fad6c
24
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
25
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
31
reference_url https://rhn.redhat.com/errata/RHSA-2014-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2014-0686.html
32
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521829
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521829
33
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521854
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521854
34
reference_url https://svn.apache.org/viewvc?view=rev&rev=1552565
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1552565
35
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521829
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521829
36
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521854
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521854
37
reference_url http://svn.apache.org/viewvc?view=revision&revision=1552565
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1552565
38
reference_url https://web.archive.org/web/20140724174205/http://secunia.com/advisories/57675
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140724174205/http://secunia.com/advisories/57675
39
reference_url https://web.archive.org/web/20140804172142/http://secunia.com/advisories/59036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140804172142/http://secunia.com/advisories/59036
40
reference_url https://web.archive.org/web/20141230041748/http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20141230041748/http://seclists.org/fulldisclosure/2014/Dec/23
41
reference_url https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded
42
reference_url https://web.archive.org/web/20160729061926/http://www.securityfocus.com/bid/65773
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160729061926/http://www.securityfocus.com/bid/65773
43
reference_url https://web.archive.org/web/20161014054543/http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161014054543/http://www-01.ibm.com/support/docview.wss?uid=swg21678231
44
reference_url https://web.archive.org/web/20161014054838/http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161014054838/http://www-01.ibm.com/support/docview.wss?uid=swg21677147
45
reference_url https://web.archive.org/web/20161014054913/http://www-01.ibm.com/support/docview.wss?uid=swg21678113
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161014054913/http://www-01.ibm.com/support/docview.wss?uid=swg21678113
46
reference_url https://web.archive.org/web/20161014054948/http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161014054948/http://www-01.ibm.com/support/docview.wss?uid=swg21667883
47
reference_url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
48
reference_url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
49
reference_url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
50
reference_url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
51
reference_url https://web.archive.org/web/20161024220034/http://secunia.com/advisories/59733
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024220034/http://secunia.com/advisories/59733
52
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
53
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
54
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
55
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
56
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
57
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
58
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
59
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
60
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
61
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
62
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
63
reference_url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
64
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
65
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
66
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
67
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
68
reference_url http://www.securityfocus.com/bid/65773
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65773
69
reference_url http://www.ubuntu.com/usn/USN-2130-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2130-1
70
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
71
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
reference_id CVE-2013-4286
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
72
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4286
reference_id CVE-2013-4286
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4286
73
reference_url https://github.com/advisories/GHSA-j448-j653-r3vj
reference_id GHSA-j448-j653-r3vj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j448-j653-r3vj
74
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
75
reference_url https://access.redhat.com/errata/RHSA-2014:0343
reference_id RHSA-2014:0343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0343
76
reference_url https://access.redhat.com/errata/RHSA-2014:0344
reference_id RHSA-2014:0344
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0344
77
reference_url https://access.redhat.com/errata/RHSA-2014:0345
reference_id RHSA-2014:0345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0345
78
reference_url https://access.redhat.com/errata/RHSA-2014:0373
reference_id RHSA-2014:0373
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0373
79
reference_url https://access.redhat.com/errata/RHSA-2014:0374
reference_id RHSA-2014:0374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0374
80
reference_url https://access.redhat.com/errata/RHSA-2014:0429
reference_id RHSA-2014:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0429
81
reference_url https://access.redhat.com/errata/RHSA-2014:0458
reference_id RHSA-2014:0458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0458
82
reference_url https://access.redhat.com/errata/RHSA-2014:0459
reference_id RHSA-2014:0459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0459
83
reference_url https://access.redhat.com/errata/RHSA-2014:0511
reference_id RHSA-2014:0511
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0511
84
reference_url https://access.redhat.com/errata/RHSA-2014:0525
reference_id RHSA-2014:0525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0525
85
reference_url https://access.redhat.com/errata/RHSA-2014:0526
reference_id RHSA-2014:0526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0526
86
reference_url https://access.redhat.com/errata/RHSA-2014:0527
reference_id RHSA-2014:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0527
87
reference_url https://access.redhat.com/errata/RHSA-2014:0528
reference_id RHSA-2014:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0528
88
reference_url https://access.redhat.com/errata/RHSA-2014:0686
reference_id RHSA-2014:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0686
89
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
90
reference_url https://usn.ubuntu.com/2130-1/
reference_id USN-2130-1
reference_type
scores
url https://usn.ubuntu.com/2130-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@6.0.39
purl pkg:maven/org.apache.tomcat/tomcat@6.0.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-937w-2w2q-7fdy
2
vulnerability VCID-nnye-4xbb-kuf5
3
vulnerability VCID-xjj5-fy4e-e7ha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.39
1
url pkg:maven/org.apache.tomcat/tomcat@7.0.47
purl pkg:maven/org.apache.tomcat/tomcat@7.0.47
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2kjh-4r2g-rqe6
2
vulnerability VCID-3tme-zh53-7ubx
3
vulnerability VCID-3txt-1psa-5kf5
4
vulnerability VCID-4qcn-52ug-mbd5
5
vulnerability VCID-59dd-qzpt-aucm
6
vulnerability VCID-5m85-3zyu-7qak
7
vulnerability VCID-5udv-rheh-kqfy
8
vulnerability VCID-6umz-z8db-kqcy
9
vulnerability VCID-6uuq-2a39-yubx
10
vulnerability VCID-937w-2w2q-7fdy
11
vulnerability VCID-axzz-cadr-b7fv
12
vulnerability VCID-ct4z-hxx3-53bw
13
vulnerability VCID-cugj-j48z-jub5
14
vulnerability VCID-dk58-p9py-rka9
15
vulnerability VCID-e2gy-1c6a-6fdf
16
vulnerability VCID-essq-6syu-6ygm
17
vulnerability VCID-fqyx-8pgs-uqgg
18
vulnerability VCID-fukm-h3r6-s7cr
19
vulnerability VCID-g3vd-74yh-s7bn
20
vulnerability VCID-gmjm-6ck2-skgu
21
vulnerability VCID-hqzu-shyu-j3hp
22
vulnerability VCID-j1m6-79yt-f7h5
23
vulnerability VCID-jzta-navk-87bn
24
vulnerability VCID-nnye-4xbb-kuf5
25
vulnerability VCID-nxb3-55eu-auhp
26
vulnerability VCID-pq53-6deg-abfx
27
vulnerability VCID-q7g1-m4e7-pya4
28
vulnerability VCID-rbvh-4npk-nub9
29
vulnerability VCID-rtmv-qetu-yqfa
30
vulnerability VCID-s37s-p75k-27e6
31
vulnerability VCID-se44-f85s-xyex
32
vulnerability VCID-sk1w-8yt4-93cv
33
vulnerability VCID-tcmv-6ftg-fqen
34
vulnerability VCID-u95s-xhwk-vka6
35
vulnerability VCID-vu84-dfwa-z3dg
36
vulnerability VCID-webw-gryb-7ucv
37
vulnerability VCID-wmb3-3j7y-due7
38
vulnerability VCID-xjj5-fy4e-e7ha
39
vulnerability VCID-y9hs-ymcm-3ucx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.47
2
url pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC3
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3txt-1psa-5kf5
1
vulnerability VCID-4qcn-52ug-mbd5
2
vulnerability VCID-cugj-j48z-jub5
3
vulnerability VCID-fqyx-8pgs-uqgg
4
vulnerability VCID-sk1w-8yt4-93cv
5
vulnerability VCID-y9hs-ymcm-3ucx
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC3
aliases CVE-2013-4286, GHSA-j448-j653-r3vj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yusx-ncpv-sfhg
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC3