Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-74tx-sx8a-guhs

Summary

Aliases

alias	CVE-2026-29145

alias	GHSA-95jq-rwvf-vjx4

Fixed_packages

url pkg:apache/tomcat@9.0.116

purl pkg:apache/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.116

url pkg:apache/tomcat@10.1.53

purl pkg:apache/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.53

url pkg:apache/tomcat@11.0.20

purl pkg:apache/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.20

url	pkg:deb/debian/tomcat10@10.1.40-1~bpo12%2B1
purl	pkg:deb/debian/tomcat10@10.1.40-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.40-1~bpo12%252B1

url	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.54-1
purl	pkg:deb/debian/tomcat10@10.1.54-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1

url	pkg:deb/debian/tomcat11@11.0.21-1?distro=trixie
purl	pkg:deb/debian/tomcat11@11.0.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.21-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie

url pkg:deb/debian/tomcat9@9.0.70-2

purl pkg:deb/debian/tomcat9@9.0.70-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-xqjr-7xfw-mbh2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2

url	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie

url pkg:maven/org.apache.tomcat/tomcat@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116

url pkg:maven/org.apache.tomcat/tomcat@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-abt4-b2cv-eygv

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.116

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.53

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.20

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.53

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-abt4-b2cv-eygv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20

Affected_packages

url pkg:apache/tomcat@11.0.0-M1

purl pkg:apache/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1

url pkg:apache/tomcat@11.0.18

purl pkg:apache/tomcat@11.0.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.18

url pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2

purl pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2

url pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1~deb13u1

purl pkg:deb/debian/tomcat10@10.1.52-1~deb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1

url pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1

purl pkg:deb/debian/tomcat10@10.1.52-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1

url pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1%3Fdistro=trixie

url pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie

purl pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.15-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/tomcat11@11.0.18-1?distro=trixie

purl pkg:deb/debian/tomcat11@11.0.18-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.18-1%3Fdistro=trixie

url pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

purl pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-6pm1-byhk-eqfg

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-stds-vw5z-auhp

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wgsc-dnn1-ukeq

vulnerability	VCID-wptr-hkjx-s7c3

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-xt59-cnmj-2bf8

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-z2pq-cv2w-nfdk

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

url pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

purl pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

url pkg:maven/org.apache.tomcat/tomcat@9.0.83

purl pkg:maven/org.apache.tomcat/tomcat@9.0.83

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8war-4v58-eub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.83

url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M7

purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-wptr-hkjx-s7c3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M7

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat@11.0.18

purl pkg:maven/org.apache.tomcat/tomcat@11.0.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.18

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.83

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.83

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.83

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M7

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M7

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M7

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wptr-hkjx-s7c3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M7

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29145.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-29145

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.19636
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19529
published_at	2026-04-13T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19588
published_at	2026-04-12T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.3096
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-29145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/721591f7bff424c693f26adc18ae9b9abac3655b

reference_url	https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d1406df5ae0326f39f54c3f64ac30d8fca55cd5b

reference_url	https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90

reference_url

https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:10:50Z/

url

https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-29145

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-29145

reference_url

http://www.openwall.com/lists/oss-security/2026/04/09/23

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/09/23

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id	1133356
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id	1133357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457037
reference_id	2457037
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457037

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145

reference_id

CVE-2026-29145

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29145

reference_url

https://github.com/advisories/GHSA-95jq-rwvf-vjx4

reference_id

GHSA-95jq-rwvf-vjx4

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-95jq-rwvf-vjx4

Weaknesses

cwe_id	287
name	Improper Authentication
description	When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

cwe_id	303
name	Incorrect Implementation of Authentication Algorithm
description	The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

Exploits

Severity_range_score 4.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74tx-sx8a-guhs

Vulnerability Instance