Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@8.0.0-RC1
Typeapache
Namespace
Nametomcat
Version8.0.0-RC1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.0.0-RC10
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-1a1b-3pdg-jbfq
vulnerability_id VCID-1a1b-3pdg-jbfq
summary 
Integer Overflow or Wraparound in Apache Tomcat
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0268.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0268.html
1
reference_url http://linux.oracle.com/errata/ELSA-2014-0865.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://linux.oracle.com/errata/ELSA-2014-0865.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
3
reference_url http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141017844705317&w=2
4
reference_url http://marc.info/?l=bugtraq&m=141390017113542&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141390017113542&w=2
5
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0075.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0075.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0075
reference_id
reference_type
scores
0
value 0.46749
scoring_system epss
scoring_elements 0.97726
published_at 2026-06-04T12:55:00Z
1
value 0.46749
scoring_system epss
scoring_elements 0.97732
published_at 2026-06-08T12:55:00Z
2
value 0.46749
scoring_system epss
scoring_elements 0.9773
published_at 2026-06-05T12:55:00Z
3
value 0.46749
scoring_system epss
scoring_elements 0.97731
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0075
11
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
12
reference_url http://secunia.com/advisories/59121
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59121
13
reference_url http://secunia.com/advisories/59616
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59616
14
reference_url http://secunia.com/advisories/59678
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59678
15
reference_url http://secunia.com/advisories/59732
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59732
16
reference_url http://secunia.com/advisories/59835
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59835
17
reference_url http://secunia.com/advisories/59849
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59849
18
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59873
19
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60729
20
reference_url http://secunia.com/advisories/60793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60793
21
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
22
reference_url https://github.com/apache/tomcat70/commit/b6974571c122f6a1e7ec74a90fa212976fa7b0ed
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/b6974571c122f6a1e7ec74a90fa212976fa7b0ed
23
reference_url https://github.com/apache/tomcat80/commit/d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91
24
reference_url https://github.com/apache/tomcat/commit/b6974571c122f6a1e7ec74a90fa212976fa7b0ed
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b6974571c122f6a1e7ec74a90fa212976fa7b0ed
25
reference_url https://github.com/apache/tomcat/commit/f646a5acd5e32d6f5a2d9bf1d94ca66b65477675
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f646a5acd5e32d6f5a2d9bf1d94ca66b65477675
26
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
27
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578337
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578337
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578341
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578341
43
reference_url https://svn.apache.org/viewvc?view=rev&rev=1579262
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1579262
44
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578337
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578337
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578341
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578341
46
reference_url http://svn.apache.org/viewvc?view=revision&revision=1579262
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1579262
47
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
48
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
49
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
53
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
54
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
55
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
56
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
57
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
58
reference_url http://www.novell.com/support/kb/doc.php?id=7010166
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.novell.com/support/kb/doc.php?id=7010166
59
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
60
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
61
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
62
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
63
reference_url http://www.securityfocus.com/bid/67671
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/67671
64
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
65
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1072776
reference_id 1072776
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1072776
66
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
reference_id CVE-2014-0075
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0075
reference_id CVE-2014-0075
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0075
68
reference_url https://github.com/advisories/GHSA-475f-74wp-pqv5
reference_id GHSA-475f-74wp-pqv5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-475f-74wp-pqv5
69
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
70
reference_url https://access.redhat.com/errata/RHSA-2014:0827
reference_id RHSA-2014:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0827
71
reference_url https://access.redhat.com/errata/RHSA-2014:0833
reference_id RHSA-2014:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0833
72
reference_url https://access.redhat.com/errata/RHSA-2014:0834
reference_id RHSA-2014:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0834
73
reference_url https://access.redhat.com/errata/RHSA-2014:0835
reference_id RHSA-2014:0835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0835
74
reference_url https://access.redhat.com/errata/RHSA-2014:0836
reference_id RHSA-2014:0836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0836
75
reference_url https://access.redhat.com/errata/RHSA-2014:0842
reference_id RHSA-2014:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0842
76
reference_url https://access.redhat.com/errata/RHSA-2014:0843
reference_id RHSA-2014:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0843
77
reference_url https://access.redhat.com/errata/RHSA-2014:0865
reference_id RHSA-2014:0865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0865
78
reference_url https://access.redhat.com/errata/RHSA-2014:0895
reference_id RHSA-2014:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0895
79
reference_url https://access.redhat.com/errata/RHSA-2014:1149
reference_id RHSA-2014:1149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1149
80
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
81
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
82
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
83
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
84
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
85
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
86
reference_url https://usn.ubuntu.com/2302-1/
reference_id USN-2302-1
reference_type
scores
url https://usn.ubuntu.com/2302-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.5
purl pkg:apache/tomcat@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xjj5-fy4e-e7ha
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.5
aliases CVE-2014-0075, GHSA-475f-74wp-pqv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1b-3pdg-jbfq
1
url VCID-2kjh-4r2g-rqe6
vulnerability_id VCID-2kjh-4r2g-rqe6
summary 
Improper Access Control
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
references
0
reference_url http://marc.info/?l=bugtraq&m=145974991225029&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=145974991225029&w=2
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1621.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1621.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-1622.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1622.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0492.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0492.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-2046.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2046.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7810.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7810.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7810
reference_id
reference_type
scores
0
value 0.09485
scoring_system epss
scoring_elements 0.92981
published_at 2026-06-04T12:55:00Z
1
value 0.09485
scoring_system epss
scoring_elements 0.92984
published_at 2026-06-07T12:55:00Z
2
value 0.09485
scoring_system epss
scoring_elements 0.92988
published_at 2026-06-06T12:55:00Z
3
value 0.09485
scoring_system epss
scoring_elements 0.92991
published_at 2026-06-05T12:55:00Z
4
value 0.0993
scoring_system epss
scoring_elements 0.93166
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7810
7
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
8
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
15
reference_url https://svn.apache.org/viewvc?view=rev&rev=1644018
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1644018
16
reference_url https://svn.apache.org/viewvc?view=rev&rev=1644019
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1644019
17
reference_url https://svn.apache.org/viewvc?view=rev&rev=1645366
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1645366
18
reference_url https://svn.apache.org/viewvc?view=rev&rev=1645642
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1645642
19
reference_url https://svn.apache.org/viewvc?view=rev&rev=1645644
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1645644
20
reference_url https://svn.apache.org/viewvc?view=rev&rev=1659538
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1659538
21
reference_url http://svn.apache.org/viewvc?view=revision&revision=1644018
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1644018
22
reference_url http://svn.apache.org/viewvc?view=revision&revision=1645642
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1645642
23
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
24
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
25
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
26
reference_url http://www.debian.org/security/2015/dsa-3428
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3428
27
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
28
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
29
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
30
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
31
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
32
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
33
reference_url http://www.ubuntu.com/usn/USN-2654-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2654-1
34
reference_url http://www.ubuntu.com/usn/USN-2655-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2655-1
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1222573
reference_id 1222573
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1222573
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
reference_id CVE-2014-7810
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7810
reference_id CVE-2014-7810
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7810
38
reference_url https://github.com/advisories/GHSA-4c43-cwvx-9crh
reference_id GHSA-4c43-cwvx-9crh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4c43-cwvx-9crh
39
reference_url https://access.redhat.com/errata/RHSA-2015:1621
reference_id RHSA-2015:1621
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1621
40
reference_url https://access.redhat.com/errata/RHSA-2015:1622
reference_id RHSA-2015:1622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1622
41
reference_url https://access.redhat.com/errata/RHSA-2016:0492
reference_id RHSA-2016:0492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0492
42
reference_url https://usn.ubuntu.com/2654-1/
reference_id USN-2654-1
reference_type
scores
url https://usn.ubuntu.com/2654-1/
43
reference_url https://usn.ubuntu.com/2655-1/
reference_id USN-2655-1
reference_type
scores
url https://usn.ubuntu.com/2655-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.17
purl pkg:apache/tomcat@8.0.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.17
aliases CVE-2014-7810, GHSA-4c43-cwvx-9crh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2kjh-4r2g-rqe6
2
url VCID-3txt-1psa-5kf5
vulnerability_id VCID-3txt-1psa-5kf5
summary 
Denial of service
`MultipartStream.java` in this package allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted `Content-Type` header that bypasses a loop's intended exit conditions.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0110.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0110.html
1
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
2
reference_url http://jvn.jp/en/jp/JVN14876762/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN14876762/index.html
3
reference_url http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
4
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
5
reference_url http://marc.info/?l=bugtraq&m=143136844732487&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=143136844732487&w=2
6
reference_url http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-0252.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0252.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-0253.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0253.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-0400.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0400.html
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0050
reference_id
reference_type
scores
0
value 0.9265
scoring_system epss
scoring_elements 0.9976
published_at 2026-06-08T12:55:00Z
1
value 0.92712
scoring_system epss
scoring_elements 0.99763
published_at 2026-06-04T12:55:00Z
2
value 0.92712
scoring_system epss
scoring_elements 0.99764
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0050
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1062337
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1062337
13
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
14
reference_url http://secunia.com/advisories/57915
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57915
15
reference_url http://secunia.com/advisories/58075
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/58075
16
reference_url http://secunia.com/advisories/58976
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/58976
17
reference_url http://secunia.com/advisories/59039
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59039
18
reference_url http://secunia.com/advisories/59041
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59041
19
reference_url http://secunia.com/advisories/59183
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59183
20
reference_url http://secunia.com/advisories/59184
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59184
21
reference_url http://secunia.com/advisories/59185
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59185
22
reference_url http://secunia.com/advisories/59187
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59187
23
reference_url http://secunia.com/advisories/59232
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59232
24
reference_url http://secunia.com/advisories/59399
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59399
25
reference_url http://secunia.com/advisories/59492
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59492
26
reference_url http://secunia.com/advisories/59500
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59500
27
reference_url http://secunia.com/advisories/59725
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59725
28
reference_url http://secunia.com/advisories/60475
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60475
29
reference_url http://secunia.com/advisories/60753
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60753
30
reference_url https://github.com/apache/commons-fileupload
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload
31
reference_url https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
32
reference_url https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
33
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
34
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
35
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
36
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565143
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565143
37
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565163
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565163
38
reference_url https://svn.apache.org/viewvc?view=revision&revision=1565169
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1565169
39
reference_url https://svn.apache.org/viewvc?view=rev&rev=1565163
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1565163
40
reference_url https://svn.apache.org/viewvc?view=rev&rev=1565169
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1565169
41
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
42
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
43
reference_url http://struts.apache.org/docs/s2-020.html
reference_id
reference_type
scores
url http://struts.apache.org/docs/s2-020.html
44
reference_url http://svn.apache.org/r1565143
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/r1565143
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1565143
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1565143
46
reference_url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
reference_id
reference_type
scores
url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
47
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
48
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
49
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21669554
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21669554
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675432
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675432
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676091
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676091
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676092
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676092
53
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676401
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676401
54
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676403
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676403
55
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676405
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676405
56
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676410
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676410
57
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676656
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676656
58
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676853
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676853
59
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677691
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677691
60
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677724
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677724
61
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681214
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681214
62
reference_url http://www.debian.org/security/2014/dsa-2856
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2856
63
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
64
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
65
reference_url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
66
reference_url http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
67
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
68
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
69
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
70
reference_url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
71
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
72
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
73
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
74
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
75
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
76
reference_url http://www.securityfocus.com/archive/1/532549/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532549/100/0/threaded
77
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
78
reference_url http://www.securityfocus.com/bid/65400
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/65400
79
reference_url http://www.ubuntu.com/usn/USN-2130-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2130-1
80
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0007.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0007.html
81
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
82
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
83
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
reference_id CVE-2014-0050
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
84
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0050
reference_id CVE-2014-0050
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0050
85
reference_url http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
reference_id CVE-2014-0050-EXPLOIT-WITH-BOUNDARIES-LOOPS-WITHOUT-BOUNDARIES.HTML
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
86
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
reference_id CVE-2014-0050;OSVDB-102945
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
87
reference_url https://github.com/advisories/GHSA-xx68-jfcg-xmmf
reference_id GHSA-xx68-jfcg-xmmf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xx68-jfcg-xmmf
88
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
89
reference_url https://access.redhat.com/errata/RHSA-2014:0252
reference_id RHSA-2014:0252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0252
90
reference_url https://access.redhat.com/errata/RHSA-2014:0253
reference_id RHSA-2014:0253
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0253
91
reference_url https://access.redhat.com/errata/RHSA-2014:0373
reference_id RHSA-2014:0373
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0373
92
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
93
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
94
reference_url https://access.redhat.com/errata/RHSA-2014:0429
reference_id RHSA-2014:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0429
95
reference_url https://access.redhat.com/errata/RHSA-2014:0452
reference_id RHSA-2014:0452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0452
96
reference_url https://access.redhat.com/errata/RHSA-2014:0459
reference_id RHSA-2014:0459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0459
97
reference_url https://access.redhat.com/errata/RHSA-2014:0473
reference_id RHSA-2014:0473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0473
98
reference_url https://access.redhat.com/errata/RHSA-2014:0525
reference_id RHSA-2014:0525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0525
99
reference_url https://access.redhat.com/errata/RHSA-2014:0526
reference_id RHSA-2014:0526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0526
100
reference_url https://access.redhat.com/errata/RHSA-2014:0527
reference_id RHSA-2014:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0527
101
reference_url https://access.redhat.com/errata/RHSA-2014:0528
reference_id RHSA-2014:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0528
102
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
103
reference_url https://usn.ubuntu.com/2130-1/
reference_id USN-2130-1
reference_type
scores
url https://usn.ubuntu.com/2130-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.3
purl pkg:apache/tomcat@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-937w-2w2q-7fdy
2
vulnerability VCID-nnye-4xbb-kuf5
3
vulnerability VCID-xvz4-nm7g-2fee
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.3
aliases CVE-2014-0050, GHSA-xx68-jfcg-xmmf
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3txt-1psa-5kf5
3
url VCID-4qcn-52ug-mbd5
vulnerability_id VCID-4qcn-52ug-mbd5
summary 
Improper Input Validation
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0148.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0148.html
1
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4322.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4322.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4322
reference_id
reference_type
scores
0
value 0.36275
scoring_system epss
scoring_elements 0.97204
published_at 2026-06-08T12:55:00Z
1
value 0.36664
scoring_system epss
scoring_elements 0.97229
published_at 2026-06-06T12:55:00Z
2
value 0.36664
scoring_system epss
scoring_elements 0.97223
published_at 2026-06-04T12:55:00Z
3
value 0.36664
scoring_system epss
scoring_elements 0.97227
published_at 2026-06-05T12:55:00Z
4
value 0.36664
scoring_system epss
scoring_elements 0.9723
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4322
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1069905
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1069905
5
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
6
reference_url http://secunia.com/advisories/59036
reference_id
reference_type
scores
url http://secunia.com/advisories/59036
7
reference_url http://secunia.com/advisories/59675
reference_id
reference_type
scores
url http://secunia.com/advisories/59675
8
reference_url http://secunia.com/advisories/59722
reference_id
reference_type
scores
url http://secunia.com/advisories/59722
9
reference_url http://secunia.com/advisories/59724
reference_id
reference_type
scores
url http://secunia.com/advisories/59724
10
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
url http://secunia.com/advisories/59873
11
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
12
reference_url https://github.com/apache/tomcat70/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
13
reference_url https://github.com/apache/tomcat70/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
14
reference_url https://github.com/apache/tomcat/commit/70dc3b279f7c99136c2c51bce8812508b4893c8b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/70dc3b279f7c99136c2c51bce8812508b4893c8b
15
reference_url https://github.com/apache/tomcat/commit/72613a0e2f88af789c2acc7093c82ff02b95b6d1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/72613a0e2f88af789c2acc7093c82ff02b95b6d1
16
reference_url https://github.com/apache/tomcat/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a91516b80deaf1d0c6e04a7931765fdac34c4ccd
17
reference_url https://github.com/apache/tomcat/commit/b8cb9f5f91e9210ca107fd80f3e6acd47531daa7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b8cb9f5f91e9210ca107fd80f3e6acd47531daa7
18
reference_url https://github.com/apache/tomcat/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bed3a1a0d06a3c787183c6e90f326bbe17e49dd4
19
reference_url https://github.com/apache/tomcat/commit/d6a9898125f34e593de426e8c7dabb0f224fc00f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d6a9898125f34e593de426e8c7dabb0f224fc00f
20
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
21
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
27
reference_url https://rhn.redhat.com/errata/RHSA-2014-0686.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2014-0686.html
28
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521834
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521834
29
reference_url https://svn.apache.org/viewvc?view=rev&rev=1521864
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1521864
30
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549522
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549522
31
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549523
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549523
32
reference_url https://svn.apache.org/viewvc?view=rev&rev=1556540
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1556540
33
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521834
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521834
34
reference_url http://svn.apache.org/viewvc?view=revision&revision=1521864
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1521864
35
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549522
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549522
36
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549523
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549523
37
reference_url http://svn.apache.org/viewvc?view=revision&revision=1556540
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1556540
38
reference_url https://web.archive.org/web/20140315211337/http://www.securityfocus.com/bid/65767
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140315211337/http://www.securityfocus.com/bid/65767
39
reference_url https://web.archive.org/web/20150503090027/http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150503090027/http://www.securityfocus.com/archive/1/534161/100/0/threaded
40
reference_url https://web.archive.org/web/20151023203543/http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151023203543/http://secunia.com/advisories/59873
41
reference_url https://web.archive.org/web/20161024215620/http://secunia.com/advisories/59036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215620/http://secunia.com/advisories/59036
42
reference_url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722
43
reference_url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675
44
reference_url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724
45
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
46
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
47
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
48
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
49
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678113
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
53
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
54
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
55
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
56
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
57
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
58
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
59
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
60
reference_url http://www.securityfocus.com/bid/65767
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/65767
61
reference_url http://www.ubuntu.com/usn/USN-2130-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2130-1
62
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
63
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
64
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
reference_id CVE-2013-4322
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
65
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4322
reference_id CVE-2013-4322
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4322
66
reference_url https://github.com/advisories/GHSA-wq2p-q66w-q8gp
reference_id GHSA-wq2p-q66w-q8gp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wq2p-q66w-q8gp
67
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
68
reference_url https://access.redhat.com/errata/RHSA-2014:0429
reference_id RHSA-2014:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0429
69
reference_url https://access.redhat.com/errata/RHSA-2014:0525
reference_id RHSA-2014:0525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0525
70
reference_url https://access.redhat.com/errata/RHSA-2014:0526
reference_id RHSA-2014:0526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0526
71
reference_url https://access.redhat.com/errata/RHSA-2014:0527
reference_id RHSA-2014:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0527
72
reference_url https://access.redhat.com/errata/RHSA-2014:0528
reference_id RHSA-2014:0528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0528
73
reference_url https://access.redhat.com/errata/RHSA-2014:0686
reference_id RHSA-2014:0686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0686
74
reference_url https://usn.ubuntu.com/2130-1/
reference_id USN-2130-1
reference_type
scores
url https://usn.ubuntu.com/2130-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.0-RC10
purl pkg:apache/tomcat@8.0.0-RC10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.0-RC10
aliases CVE-2013-4322, GHSA-wq2p-q66w-q8gp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qcn-52ug-mbd5
4
url VCID-6uuq-2a39-yubx
vulnerability_id VCID-6uuq-2a39-yubx
summary 
Uncontrolled Resource Consumption in Apache Tomcat
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
1
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
2
reference_url http://marc.info/?l=bugtraq&m=145974991225029&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=145974991225029&w=2
3
reference_url http://openwall.com/lists/oss-security/2015/04/10/1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/04/10/1
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1622.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1622.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-0595.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0595.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-0596.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0596.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2016-0597.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0597.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2016-0598.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0598.html
9
reference_url https://access.redhat.com/errata/RHSA-2015:2659
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:2659
10
reference_url https://access.redhat.com/errata/RHSA-2015:2660
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:2660
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0230
reference_id
reference_type
scores
0
value 0.03099
scoring_system epss
scoring_elements 0.87067
published_at 2026-06-05T12:55:00Z
1
value 0.03099
scoring_system epss
scoring_elements 0.87053
published_at 2026-06-08T12:55:00Z
2
value 0.03099
scoring_system epss
scoring_elements 0.87064
published_at 2026-06-06T12:55:00Z
3
value 0.03099
scoring_system epss
scoring_elements 0.87059
published_at 2026-06-07T12:55:00Z
4
value 0.03099
scoring_system epss
scoring_elements 0.87044
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0230
13
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
14
reference_url https://github.com/apache/tomcat70/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
15
reference_url https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba
16
reference_url https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51
17
reference_url https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
18
reference_url https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb
19
reference_url https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5
20
reference_url https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303
21
reference_url https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16
22
reference_url https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2
23
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
24
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
25
reference_url https://issues.jboss.org/browse/JWS-219
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/JWS-219
26
reference_url https://issues.jboss.org/browse/JWS-220
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/JWS-220
27
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
34
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603770
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603770
35
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603775
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603775
36
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603779
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603779
37
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603781
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603781
38
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603811
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603811
39
reference_url https://svn.apache.org/viewvc?view=rev&rev=1609175
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1609175
40
reference_url https://svn.apache.org/viewvc?view=rev&rev=1609176
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1609176
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1659294
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1659294
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1659295
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1659295
43
reference_url https://svn.apache.org/viewvc?view=rev&rev=1659537
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1659537
44
reference_url http://svn.apache.org/viewvc?view=revision&revision=1603770
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1603770
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1603775
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1603775
46
reference_url http://svn.apache.org/viewvc?view=revision&revision=1603779
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1603779
47
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
48
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
49
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
50
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
51
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
52
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
53
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
54
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
55
reference_url http://www.ubuntu.com/usn/USN-2654-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2654-1
56
reference_url http://www.ubuntu.com/usn/USN-2655-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2655-1
57
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1191200
reference_id 1191200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1191200
58
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
reference_id CVE-2014-0230
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
59
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0230
reference_id CVE-2014-0230
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0230
60
reference_url https://github.com/advisories/GHSA-pxcx-cxq8-4mmw
reference_id GHSA-pxcx-cxq8-4mmw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pxcx-cxq8-4mmw
61
reference_url https://access.redhat.com/errata/RHSA-2015:1621
reference_id RHSA-2015:1621
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1621
62
reference_url https://access.redhat.com/errata/RHSA-2015:1622
reference_id RHSA-2015:1622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1622
63
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
64
reference_url https://access.redhat.com/errata/RHSA-2016:0595
reference_id RHSA-2016:0595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0595
65
reference_url https://access.redhat.com/errata/RHSA-2016:0596
reference_id RHSA-2016:0596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0596
66
reference_url https://access.redhat.com/errata/RHSA-2016:0597
reference_id RHSA-2016:0597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0597
67
reference_url https://access.redhat.com/errata/RHSA-2016:0598
reference_id RHSA-2016:0598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0598
68
reference_url https://access.redhat.com/errata/RHSA-2016:0599
reference_id RHSA-2016:0599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0599
69
reference_url https://access.redhat.com/errata/RHSA-2016:2599
reference_id RHSA-2016:2599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2599
70
reference_url https://usn.ubuntu.com/2654-1/
reference_id USN-2654-1
reference_type
scores
url https://usn.ubuntu.com/2654-1/
71
reference_url https://usn.ubuntu.com/2655-1/
reference_id USN-2655-1
reference_type
scores
url https://usn.ubuntu.com/2655-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.9
purl pkg:apache/tomcat@8.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.9
aliases CVE-2014-0230, GHSA-pxcx-cxq8-4mmw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6uuq-2a39-yubx
5
url VCID-937w-2w2q-7fdy
vulnerability_id VCID-937w-2w2q-7fdy
summary 
Improper Input Validation in Apache Tomcat
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0268.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0268.html
1
reference_url http://linux.oracle.com/errata/ELSA-2014-0865.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://linux.oracle.com/errata/ELSA-2014-0865.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
3
reference_url http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141017844705317&w=2
4
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0096.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0096.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0096
reference_id
reference_type
scores
0
value 0.05795
scoring_system epss
scoring_elements 0.90673
published_at 2026-06-07T12:55:00Z
1
value 0.05795
scoring_system epss
scoring_elements 0.90675
published_at 2026-06-06T12:55:00Z
2
value 0.05795
scoring_system epss
scoring_elements 0.90676
published_at 2026-06-05T12:55:00Z
3
value 0.05795
scoring_system epss
scoring_elements 0.90662
published_at 2026-06-04T12:55:00Z
4
value 0.05795
scoring_system epss
scoring_elements 0.90671
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0096
10
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
11
reference_url http://seclists.org/fulldisclosure/2014/May/135
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/135
12
reference_url http://secunia.com/advisories/59121
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59121
13
reference_url http://secunia.com/advisories/59616
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59616
14
reference_url http://secunia.com/advisories/59678
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59678
15
reference_url http://secunia.com/advisories/59732
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59732
16
reference_url http://secunia.com/advisories/59835
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59835
17
reference_url http://secunia.com/advisories/59849
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59849
18
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59873
19
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60729
20
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
21
reference_url https://github.com/apache/tomcat70/commit/3c53c4da7bcf300f519eaed5ad1751d24dd59f6b
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/3c53c4da7bcf300f519eaed5ad1751d24dd59f6b
22
reference_url https://github.com/apache/tomcat70/commit/5c545da226b3c71ed9603c38ad2de88057778c1b
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/5c545da226b3c71ed9603c38ad2de88057778c1b
23
reference_url https://github.com/apache/tomcat80/commit/65ed69d96a101dfa99eea2cfe17e9e87b310084c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/65ed69d96a101dfa99eea2cfe17e9e87b310084c
24
reference_url https://github.com/apache/tomcat80/commit/f3f2979df693a9c84c6742fcb162f3671b0a50d3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/f3f2979df693a9c84c6742fcb162f3671b0a50d3
25
reference_url https://github.com/apache/tomcat/commit/3c53c4da7bcf300f519eaed5ad1751d24dd59f6b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3c53c4da7bcf300f519eaed5ad1751d24dd59f6b
26
reference_url https://github.com/apache/tomcat/commit/5c545da226b3c71ed9603c38ad2de88057778c1b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5c545da226b3c71ed9603c38ad2de88057778c1b
27
reference_url https://github.com/apache/tomcat/commit/913d94b289e056107e521dbab8e79cc72a62a331
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/913d94b289e056107e521dbab8e79cc72a62a331
28
reference_url https://github.com/apache/tomcat/commit/970c23bfd24dfa1dcb86ed917e6c8b47dcfb4433
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/970c23bfd24dfa1dcb86ed917e6c8b47dcfb4433
29
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
30
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578610
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578610
43
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578611
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578611
44
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578637
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578637
45
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578655
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578655
46
reference_url https://svn.apache.org/viewvc?view=rev&rev=1585853
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1585853
47
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578610
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578610
48
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578611
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578611
49
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578637
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578637
50
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578655
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578655
51
reference_url http://svn.apache.org/viewvc?view=revision&revision=1585853
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1585853
52
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
53
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
54
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
55
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
56
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
57
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
58
reference_url http://www.debian.org/security/2016/dsa-3552
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3552
59
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
60
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
61
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
62
reference_url http://www.novell.com/support/kb/doc.php?id=7010166
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.novell.com/support/kb/doc.php?id=7010166
63
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
64
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
65
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
66
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
67
reference_url http://www.securityfocus.com/bid/67667
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/67667
68
reference_url http://www.securitytracker.com/id/1030301
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1030301
69
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
70
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1088342
reference_id 1088342
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1088342
71
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
reference_id CVE-2014-0096
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
72
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0096
reference_id CVE-2014-0096
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0096
73
reference_url https://github.com/advisories/GHSA-qprx-q2r7-3rx6
reference_id GHSA-qprx-q2r7-3rx6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qprx-q2r7-3rx6
74
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
75
reference_url https://access.redhat.com/errata/RHSA-2014:0827
reference_id RHSA-2014:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0827
76
reference_url https://access.redhat.com/errata/RHSA-2014:0833
reference_id RHSA-2014:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0833
77
reference_url https://access.redhat.com/errata/RHSA-2014:0834
reference_id RHSA-2014:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0834
78
reference_url https://access.redhat.com/errata/RHSA-2014:0835
reference_id RHSA-2014:0835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0835
79
reference_url https://access.redhat.com/errata/RHSA-2014:0836
reference_id RHSA-2014:0836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0836
80
reference_url https://access.redhat.com/errata/RHSA-2014:0842
reference_id RHSA-2014:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0842
81
reference_url https://access.redhat.com/errata/RHSA-2014:0843
reference_id RHSA-2014:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0843
82
reference_url https://access.redhat.com/errata/RHSA-2014:0865
reference_id RHSA-2014:0865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0865
83
reference_url https://access.redhat.com/errata/RHSA-2014:0895
reference_id RHSA-2014:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0895
84
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
85
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
86
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
87
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
88
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
89
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
90
reference_url https://usn.ubuntu.com/2302-1/
reference_id USN-2302-1
reference_type
scores
url https://usn.ubuntu.com/2302-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.5
purl pkg:apache/tomcat@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xjj5-fy4e-e7ha
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.5
aliases CVE-2014-0096, GHSA-qprx-q2r7-3rx6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-937w-2w2q-7fdy
6
url VCID-nnye-4xbb-kuf5
vulnerability_id VCID-nnye-4xbb-kuf5
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0268.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0268.html
1
reference_url http://linux.oracle.com/errata/ELSA-2014-0865.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://linux.oracle.com/errata/ELSA-2014-0865.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
3
reference_url http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141017844705317&w=2
4
reference_url http://marc.info/?l=bugtraq&m=141390017113542&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141390017113542&w=2
5
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0099
reference_id
reference_type
scores
0
value 0.37857
scoring_system epss
scoring_elements 0.97295
published_at 2026-06-05T12:55:00Z
1
value 0.37857
scoring_system epss
scoring_elements 0.97291
published_at 2026-06-04T12:55:00Z
2
value 0.37857
scoring_system epss
scoring_elements 0.97298
published_at 2026-06-08T12:55:00Z
3
value 0.37857
scoring_system epss
scoring_elements 0.97296
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0099
11
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
12
reference_url http://seclists.org/fulldisclosure/2014/May/138
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/138
13
reference_url http://seclists.org/fulldisclosure/2014/May/140
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/140
14
reference_url http://secunia.com/advisories/59121
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59121
15
reference_url http://secunia.com/advisories/59678
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59678
16
reference_url http://secunia.com/advisories/59732
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59732
17
reference_url http://secunia.com/advisories/59835
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59835
18
reference_url http://secunia.com/advisories/59849
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59849
19
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59873
20
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60729
21
reference_url http://secunia.com/advisories/60793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60793
22
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
23
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
24
reference_url https://github.com/apache/tomcat70/commit/184cdc0d3f03f5737e12d21fff246d7285034597
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/184cdc0d3f03f5737e12d21fff246d7285034597
25
reference_url https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd
26
reference_url https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597
27
reference_url https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3
28
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
29
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578812
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578812
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578814
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578814
43
reference_url https://svn.apache.org/viewvc?view=rev&rev=1580473
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1580473
44
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578812
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578812
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578814
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578814
46
reference_url http://svn.apache.org/viewvc?view=revision&revision=1580473
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1580473
47
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
48
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
49
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
50
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
51
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21680603
52
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
53
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
54
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
55
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
56
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
57
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
58
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
59
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
60
reference_url http://www.securityfocus.com/archive/1/532218/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532218/100/0/threaded
61
reference_url http://www.securityfocus.com/archive/1/532221/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/532221/100/0/threaded
62
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
63
reference_url http://www.securityfocus.com/bid/67668
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/67668
64
reference_url http://www.securitytracker.com/id/1030302
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1030302
65
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
66
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1102030
reference_id 1102030
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1102030
67
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
reference_id CVE-2014-0099
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
68
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0099
reference_id CVE-2014-0099
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0099
69
reference_url https://github.com/advisories/GHSA-xh5x-j8jf-pcpx
reference_id GHSA-xh5x-j8jf-pcpx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xh5x-j8jf-pcpx
70
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
71
reference_url https://access.redhat.com/errata/RHSA-2014:0827
reference_id RHSA-2014:0827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0827
72
reference_url https://access.redhat.com/errata/RHSA-2014:0833
reference_id RHSA-2014:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0833
73
reference_url https://access.redhat.com/errata/RHSA-2014:0834
reference_id RHSA-2014:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0834
74
reference_url https://access.redhat.com/errata/RHSA-2014:0835
reference_id RHSA-2014:0835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0835
75
reference_url https://access.redhat.com/errata/RHSA-2014:0836
reference_id RHSA-2014:0836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0836
76
reference_url https://access.redhat.com/errata/RHSA-2014:0842
reference_id RHSA-2014:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0842
77
reference_url https://access.redhat.com/errata/RHSA-2014:0843
reference_id RHSA-2014:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0843
78
reference_url https://access.redhat.com/errata/RHSA-2014:0865
reference_id RHSA-2014:0865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0865
79
reference_url https://access.redhat.com/errata/RHSA-2014:0895
reference_id RHSA-2014:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0895
80
reference_url https://access.redhat.com/errata/RHSA-2014:1149
reference_id RHSA-2014:1149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1149
81
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
82
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
83
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
84
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
85
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
86
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
87
reference_url https://usn.ubuntu.com/2302-1/
reference_id USN-2302-1
reference_type
scores
url https://usn.ubuntu.com/2302-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.5
purl pkg:apache/tomcat@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xjj5-fy4e-e7ha
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.5
aliases CVE-2014-0099, GHSA-xh5x-j8jf-pcpx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnye-4xbb-kuf5
7
url VCID-pq53-6deg-abfx
vulnerability_id VCID-pq53-6deg-abfx
summary 
Improper Input Validation in Apache Tomcat
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0081.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2015-0081.html
1
reference_url http://archives.neohapsis.com/archives/bugtraq/2015-02/0067.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/bugtraq/2015-02/0067.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
3
reference_url http://marc.info/?l=bugtraq&m=143393515412274&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=143393515412274&w=2
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-0983.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0983.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2015-0991.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0991.html
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0227.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0227.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0227
reference_id
reference_type
scores
0
value 0.69385
scoring_system epss
scoring_elements 0.98667
published_at 2026-06-08T12:55:00Z
1
value 0.78235
scoring_system epss
scoring_elements 0.99041
published_at 2026-06-04T12:55:00Z
2
value 0.78235
scoring_system epss
scoring_elements 0.99043
published_at 2026-06-06T12:55:00Z
3
value 0.78235
scoring_system epss
scoring_elements 0.99042
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0227
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1109196
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1109196
13
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
14
reference_url https://github.com/apache/tomcat70/commit/6b23790bf7dc4233affaacec57e06cff6b6c6fd3
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/6b23790bf7dc4233affaacec57e06cff6b6c6fd3
15
reference_url https://github.com/apache/tomcat/commit/593a2447e6ebe465585cfa07e93b5635dffa1c70
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/593a2447e6ebe465585cfa07e93b5635dffa1c70
16
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
23
reference_url https://source.jboss.org/changelog/JBossWeb?cs=2455
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://source.jboss.org/changelog/JBossWeb?cs=2455
24
reference_url https://svn.apache.org/viewvc?view=rev&rev=1600984
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1600984
25
reference_url https://svn.apache.org/viewvc?view=rev&rev=1601329
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1601329
26
reference_url https://svn.apache.org/viewvc?view=rev&rev=1601330
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1601330
27
reference_url https://svn.apache.org/viewvc?view=rev&rev=1601332
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1601332
28
reference_url https://svn.apache.org/viewvc?view=rev&rev=1601333
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1601333
29
reference_url https://svn.apache.org/viewvc?view=rev&rev=1603628
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1603628
30
reference_url http://svn.apache.org/viewvc?view=revision&revision=1600984
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1600984
31
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
32
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
33
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
34
reference_url http://www.debian.org/security/2016/dsa-3447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3447
35
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
36
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
37
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
38
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
39
reference_url http://www.ubuntu.com/usn/USN-2654-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2654-1
40
reference_url http://www.ubuntu.com/usn/USN-2655-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2655-1
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
reference_id CVE-2014-0227
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0227
reference_id CVE-2014-0227
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0227
43
reference_url https://github.com/advisories/GHSA-42j3-498q-m6vp
reference_id GHSA-42j3-498q-m6vp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42j3-498q-m6vp
44
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
45
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
46
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
47
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
48
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
49
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
50
reference_url https://access.redhat.com/errata/RHSA-2014:1904
reference_id RHSA-2014:1904
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1904
51
reference_url https://access.redhat.com/errata/RHSA-2015:0091
reference_id RHSA-2015:0091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0091
52
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
53
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
54
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
55
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
56
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
57
reference_url https://access.redhat.com/errata/RHSA-2015:0983
reference_id RHSA-2015:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0983
58
reference_url https://access.redhat.com/errata/RHSA-2015:0991
reference_id RHSA-2015:0991
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0991
59
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
60
reference_url https://usn.ubuntu.com/2654-1/
reference_id USN-2654-1
reference_type
scores
url https://usn.ubuntu.com/2654-1/
61
reference_url https://usn.ubuntu.com/2655-1/
reference_id USN-2655-1
reference_type
scores
url https://usn.ubuntu.com/2655-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.9
purl pkg:apache/tomcat@8.0.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.9
aliases CVE-2014-0227, GHSA-42j3-498q-m6vp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq53-6deg-abfx
8
url VCID-sk1w-8yt4-93cv
vulnerability_id VCID-sk1w-8yt4-93cv
summary 
Exposure of Sensitive Information to an Unauthorized Actor
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0148.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0148.html
1
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4590.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4590.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4590
reference_id
reference_type
scores
0
value 0.00662
scoring_system epss
scoring_elements 0.71566
published_at 2026-06-08T12:55:00Z
1
value 0.00922
scoring_system epss
scoring_elements 0.76391
published_at 2026-06-07T12:55:00Z
2
value 0.00922
scoring_system epss
scoring_elements 0.76401
published_at 2026-06-06T12:55:00Z
3
value 0.00922
scoring_system epss
scoring_elements 0.76399
published_at 2026-06-05T12:55:00Z
4
value 0.00922
scoring_system epss
scoring_elements 0.76372
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4590
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1069911
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1069911
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat70/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
7
reference_url https://github.com/apache/tomcat/commit/05c84ff8304a69a30b251f207a7b93c2c882564d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/05c84ff8304a69a30b251f207a7b93c2c882564d
8
reference_url https://github.com/apache/tomcat/commit/78dd7e6f3d8481bc3bcd71ca5b20296de1283888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/78dd7e6f3d8481bc3bcd71ca5b20296de1283888
9
reference_url https://github.com/apache/tomcat/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b9e06ead01984483af73f48e7861bc7897f5e84f
10
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
11
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
17
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549528
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549528
18
reference_url https://svn.apache.org/viewvc?view=rev&rev=1549529
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1549529
19
reference_url https://svn.apache.org/viewvc?view=rev&rev=1558828
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1558828
20
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549528
21
reference_url http://svn.apache.org/viewvc?view=revision&revision=1549529
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1549529
22
reference_url http://svn.apache.org/viewvc?view=revision&revision=1558828
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1558828
23
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
24
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
25
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
26
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21667883
27
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21675886
28
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677147
29
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
30
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
31
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
32
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
33
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0008.html
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
reference_id CVE-2013-4590
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4590
reference_id CVE-2013-4590
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4590
36
reference_url https://github.com/advisories/GHSA-87w9-x2c3-hrjj
reference_id GHSA-87w9-x2c3-hrjj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-87w9-x2c3-hrjj
37
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
38
reference_url https://access.redhat.com/errata/RHSA-2014:1038
reference_id RHSA-2014:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1038
39
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
40
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
41
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
fixed_packages
0
url pkg:apache/tomcat@8.0.0-RC10
purl pkg:apache/tomcat@8.0.0-RC10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.0-RC10
aliases CVE-2013-4590, GHSA-87w9-x2c3-hrjj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sk1w-8yt4-93cv
9
url VCID-xjj5-fy4e-e7ha
vulnerability_id VCID-xjj5-fy4e-e7ha
summary 
Missing XML Validation in Apache Tomcat
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0268.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2014-0268.html
1
reference_url http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=141017844705317&w=2
2
reference_url http://marc.info/?l=bugtraq&m=144498216801440&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=144498216801440&w=2
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0119.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0119.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0119
reference_id
reference_type
scores
0
value 0.04351
scoring_system epss
scoring_elements 0.89139
published_at 2026-06-07T12:55:00Z
1
value 0.04351
scoring_system epss
scoring_elements 0.8914
published_at 2026-06-06T12:55:00Z
2
value 0.04351
scoring_system epss
scoring_elements 0.89123
published_at 2026-06-04T12:55:00Z
3
value 0.05328
scoring_system epss
scoring_elements 0.90231
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0119
8
reference_url http://seclists.org/fulldisclosure/2014/Dec/23
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Dec/23
9
reference_url http://seclists.org/fulldisclosure/2014/May/141
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/141
10
reference_url http://secunia.com/advisories/59732
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59732
11
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59873
12
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/60729
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
15
reference_url https://github.com/apache/tomcat70/commit/080878ea519d8c74c53721a9ebf7be6fcf6f1f2f
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/080878ea519d8c74c53721a9ebf7be6fcf6f1f2f
16
reference_url https://github.com/apache/tomcat70/commit/6246d8307fb5f2b4ff0b0f4d6d1b0250dff01a81
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/6246d8307fb5f2b4ff0b0f4d6d1b0250dff01a81
17
reference_url https://github.com/apache/tomcat70/commit/934f884f330dad192d2c5dc950e28f4cd281461b
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/934f884f330dad192d2c5dc950e28f4cd281461b
18
reference_url https://github.com/apache/tomcat70/commit/f8b316acbbf9fabf87cc137e9777e912eda0d834
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/f8b316acbbf9fabf87cc137e9777e912eda0d834
19
reference_url https://github.com/apache/tomcat80/commit/25251de791a6a7be13f2f3d3a66119a77025272d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/25251de791a6a7be13f2f3d3a66119a77025272d
20
reference_url https://github.com/apache/tomcat80/commit/4d90e355dc5ced4c53585c2b4700f71a52d8f447
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/4d90e355dc5ced4c53585c2b4700f71a52d8f447
21
reference_url https://github.com/apache/tomcat80/commit/51e59532ad4c604f55575963dc7a7f0250cb420f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/51e59532ad4c604f55575963dc7a7f0250cb420f
22
reference_url https://github.com/apache/tomcat80/commit/69a8a72283c3395ece8b899cf8562e126de97a27
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/69a8a72283c3395ece8b899cf8562e126de97a27
23
reference_url https://github.com/apache/tomcat80/commit/77e014cef5d5af619bcf77eaebf22c284d420802
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/77e014cef5d5af619bcf77eaebf22c284d420802
24
reference_url https://github.com/apache/tomcat80/commit/7d33457de5fc5a652a88fb9bbc9ba4cbbda58f04
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/7d33457de5fc5a652a88fb9bbc9ba4cbbda58f04
25
reference_url https://github.com/apache/tomcat80/commit/d59fd4398c8ae6361e0b13c491f66b51e49a7441
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/d59fd4398c8ae6361e0b13c491f66b51e49a7441
26
reference_url https://github.com/apache/tomcat/commit/080878ea519d8c74c53721a9ebf7be6fcf6f1f2f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/080878ea519d8c74c53721a9ebf7be6fcf6f1f2f
27
reference_url https://github.com/apache/tomcat/commit/50311bed8d87e452ff0e69838ba312c4fe899b2d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/50311bed8d87e452ff0e69838ba312c4fe899b2d
28
reference_url https://github.com/apache/tomcat/commit/5517c5517e8a7ddb994504f0c5c05001a376b10c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5517c5517e8a7ddb994504f0c5c05001a376b10c
29
reference_url https://github.com/apache/tomcat/commit/5aae1323c31d643afa9f2db80713b8e97b5123af
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5aae1323c31d643afa9f2db80713b8e97b5123af
30
reference_url https://github.com/apache/tomcat/commit/6246d8307fb5f2b4ff0b0f4d6d1b0250dff01a81
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6246d8307fb5f2b4ff0b0f4d6d1b0250dff01a81
31
reference_url https://github.com/apache/tomcat/commit/769477b9bc8442db3f571385fa0c3e206242cbf1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/769477b9bc8442db3f571385fa0c3e206242cbf1
32
reference_url https://github.com/apache/tomcat/commit/934f884f330dad192d2c5dc950e28f4cd281461b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/934f884f330dad192d2c5dc950e28f4cd281461b
33
reference_url https://github.com/apache/tomcat/commit/ad3b34a290a0255d2a4c356a3611ab41ed9d04f5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ad3b34a290a0255d2a4c356a3611ab41ed9d04f5
34
reference_url https://github.com/apache/tomcat/commit/ce70ee6b8fe437a498a375215011056702b0c481
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ce70ee6b8fe437a498a375215011056702b0c481
35
reference_url https://github.com/apache/tomcat/commit/ebe5c16f18ce1559e8462a94b3876a98525980d2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ebe5c16f18ce1559e8462a94b3876a98525980d2
36
reference_url https://github.com/apache/tomcat/commit/f8b316acbbf9fabf87cc137e9777e912eda0d834
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f8b316acbbf9fabf87cc137e9777e912eda0d834
37
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
38
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
52
reference_url https://svn.apache.org/viewvc?view=rev&rev=1588193
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1588193
53
reference_url https://svn.apache.org/viewvc?view=rev&rev=1588199
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1588199
54
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589640
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589640
55
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589837
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589837
56
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589980
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589980
57
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589983
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589983
58
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589985
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589985
59
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589990
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589990
60
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589992
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589992
61
reference_url https://svn.apache.org/viewvc?view=rev&rev=1589997
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1589997
62
reference_url https://svn.apache.org/viewvc?view=rev&rev=1590028
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1590028
63
reference_url https://svn.apache.org/viewvc?view=rev&rev=1590036
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1590036
64
reference_url https://svn.apache.org/viewvc?view=rev&rev=1593815
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1593815
65
reference_url https://svn.apache.org/viewvc?view=rev&rev=1593821
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1593821
66
reference_url http://svn.apache.org/viewvc?view=revision&revision=1588193
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1588193
67
reference_url http://svn.apache.org/viewvc?view=revision&revision=1588199
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1588199
68
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589640
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589640
69
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589837
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589837
70
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589980
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589980
71
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589983
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589983
72
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589985
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589985
73
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589990
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589990
74
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589992
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589992
75
reference_url http://svn.apache.org/viewvc?view=revision&revision=1589997
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1589997
76
reference_url http://svn.apache.org/viewvc?view=revision&revision=1590028
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1590028
77
reference_url http://svn.apache.org/viewvc?view=revision&revision=1590036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1590036
78
reference_url http://svn.apache.org/viewvc?view=revision&revision=1593815
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1593815
79
reference_url http://svn.apache.org/viewvc?view=revision&revision=1593821
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1593821
80
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
81
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
82
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
83
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
84
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
85
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
86
reference_url http://www.debian.org/security/2016/dsa-3552
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3552
87
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
88
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
89
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
90
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
91
reference_url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
92
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
93
reference_url http://www.securityfocus.com/archive/1/534161/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/534161/100/0/threaded
94
reference_url http://www.securityfocus.com/bid/67669
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/67669
95
reference_url http://www.securitytracker.com/id/1030298
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1030298
96
reference_url http://www.ubuntu.com/usn/USN-2654-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2654-1
97
reference_url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2014-0012.html
98
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1102038
reference_id 1102038
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1102038
99
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
reference_id CVE-2014-0119
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
100
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0119
reference_id CVE-2014-0119
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0119
101
reference_url https://github.com/advisories/GHSA-prc3-7f44-w48j
reference_id GHSA-prc3-7f44-w48j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-prc3-7f44-w48j
102
reference_url https://security.gentoo.org/glsa/201412-29
reference_id GLSA-201412-29
reference_type
scores
url https://security.gentoo.org/glsa/201412-29
103
reference_url https://access.redhat.com/errata/RHSA-2014:0842
reference_id RHSA-2014:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0842
104
reference_url https://access.redhat.com/errata/RHSA-2014:0843
reference_id RHSA-2014:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0843
105
reference_url https://access.redhat.com/errata/RHSA-2014:0895
reference_id RHSA-2014:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0895
106
reference_url https://access.redhat.com/errata/RHSA-2014:1034
reference_id RHSA-2014:1034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1034
107
reference_url https://access.redhat.com/errata/RHSA-2014:1038
reference_id RHSA-2014:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1038
108
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
109
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
110
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
111
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
112
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
113
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
114
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
115
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
116
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
117
reference_url https://usn.ubuntu.com/2654-1/
reference_id USN-2654-1
reference_type
scores
url https://usn.ubuntu.com/2654-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.8
purl pkg:apache/tomcat@8.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6uuq-2a39-yubx
1
vulnerability VCID-pq53-6deg-abfx
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.8
aliases CVE-2014-0119, GHSA-prc3-7f44-w48j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjj5-fy4e-e7ha
10
url VCID-zrc5-bf77-aygn
vulnerability_id VCID-zrc5-bf77-aygn
summary 
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
4
reference_url http://marc.info/?l=bugtraq&m=145974991225029&w=2
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=145974991225029&w=2
5
reference_url http://packetstormsecurity.com/files/135883/Apache-Tomcat-Limited-Directory-Traversal.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/135883/Apache-Tomcat-Limited-Directory-Traversal.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-1435.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1435.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2016-2045.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2045.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2016-2599.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2599.html
9
reference_url https://access.redhat.com/errata/RHSA-2016:1432
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1432
10
reference_url https://access.redhat.com/errata/RHSA-2016:1433
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1433
11
reference_url https://access.redhat.com/errata/RHSA-2016:1434
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1434
12
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5174.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5174.json
13
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5174
reference_id
reference_type
scores
0
value 0.04459
scoring_system epss
scoring_elements 0.89282
published_at 2026-06-08T12:55:00Z
1
value 0.04801
scoring_system epss
scoring_elements 0.89692
published_at 2026-06-07T12:55:00Z
2
value 0.04801
scoring_system epss
scoring_elements 0.89693
published_at 2026-06-06T12:55:00Z
3
value 0.04801
scoring_system epss
scoring_elements 0.89674
published_at 2026-06-04T12:55:00Z
4
value 0.04801
scoring_system epss
scoring_elements 0.89691
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5174
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
15
reference_url http://seclists.org/bugtraq/2016/Feb/149
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/bugtraq/2016/Feb/149
16
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:A/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
17
reference_url https://github.com/apache/tomcat70/commit/5ea5171b735ab0c636850e23e154fc957b0ab39d
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/5ea5171b735ab0c636850e23e154fc957b0ab39d
18
reference_url https://github.com/apache/tomcat70/commit/e1bbd13d393229e4e3724cb8a86b18a969e90fb2
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/e1bbd13d393229e4e3724cb8a86b18a969e90fb2
19
reference_url https://github.com/apache/tomcat80/commit/2fc9d03ffbc3fe7eabfd272380807ac0ddcf748d
reference_id
reference_type
scores
url https://github.com/apache/tomcat80/commit/2fc9d03ffbc3fe7eabfd272380807ac0ddcf748d
20
reference_url https://github.com/apache/tomcat80/commit/50f0179c78721e7fc60f679d8af9b8889ab1f106
reference_id
reference_type
scores
url https://github.com/apache/tomcat80/commit/50f0179c78721e7fc60f679d8af9b8889ab1f106
21
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
22
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
23
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
24
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r0b24f2c7507f702348e2c2d64e8a5de72bad6173658e8d8e45322ac2@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0b24f2c7507f702348e2c2d64e8a5de72bad6173658e8d8e45322ac2@%3Cusers.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85@%3Cusers.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rd4863c79bf729aabb95571fd845a9ea4ee3ae3fcee48f35aba007350@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd4863c79bf729aabb95571fd845a9ea4ee3ae3fcee48f35aba007350@%3Cusers.tomcat.apache.org%3E
36
reference_url https://security.gentoo.org/glsa/201705-09
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201705-09
37
reference_url https://security.netapp.com/advisory/ntap-20180531-0001
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180531-0001
38
reference_url https://svn.apache.org/viewvc?view=rev&rev=1696281
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1696281
39
reference_url https://svn.apache.org/viewvc?view=rev&rev=1696284
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1696284
40
reference_url https://svn.apache.org/viewvc?view=rev&rev=1700897
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1700897
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1700898
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1700898
42
reference_url https://svn.apache.org/viewvc?view=rev&rev=1700900
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1700900
43
reference_url http://svn.apache.org/viewvc?view=revision&revision=1696281
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1696281
44
reference_url http://svn.apache.org/viewvc?view=revision&revision=1696284
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1696284
45
reference_url http://svn.apache.org/viewvc?view=revision&revision=1700897
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1700897
46
reference_url http://svn.apache.org/viewvc?view=revision&revision=1700898
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1700898
47
reference_url http://svn.apache.org/viewvc?view=revision&revision=1700900
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1700900
48
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
49
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
50
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
51
reference_url http://www.debian.org/security/2016/dsa-3530
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3530
52
reference_url http://www.debian.org/security/2016/dsa-3552
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3552
53
reference_url http://www.debian.org/security/2016/dsa-3609
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3609
54
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
55
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
56
reference_url http://www.ubuntu.com/usn/USN-3024-1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3024-1
57
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1265698
reference_id 1265698
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1265698
58
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
reference_id CVE-2015-5174
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
59
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5174
reference_id CVE-2015-5174
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5174
60
reference_url https://github.com/advisories/GHSA-6qr6-x7jm-x2q6
reference_id GHSA-6qr6-x7jm-x2q6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6qr6-x7jm-x2q6
61
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
62
reference_url https://access.redhat.com/errata/RHSA-2016:1435
reference_id RHSA-2016:1435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1435
63
reference_url https://access.redhat.com/errata/RHSA-2016:2599
reference_id RHSA-2016:2599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2599
64
reference_url https://usn.ubuntu.com/3024-1/
reference_id USN-3024-1
reference_type
scores
url https://usn.ubuntu.com/3024-1/
fixed_packages
0
url pkg:apache/tomcat@8.0.27
purl pkg:apache/tomcat@8.0.27
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.27
aliases CVE-2015-5174, GHSA-6qr6-x7jm-x2q6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrc5-bf77-aygn
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.0-RC1