Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/38757?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38757?format=api", "vulnerability_id": "VCID-u95s-xhwk-vka6", "summary": "Insufficient Verification of Data Authenticity\nThe CORS Filter in Apache Tomcat did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "aliases": [ { "alias": "CVE-2017-7674" }, { "alias": "GHSA-73rx-3f9r-x949" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/87110?format=api", "purl": "pkg:apache/tomcat@7.0.79", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-et9y-m4hb-43h7" }, { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.79" }, { "url": "http://public2.vulnerablecode.io/api/packages/87015?format=api", "purl": "pkg:apache/tomcat@8.0.45", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.45" }, { "url": "http://public2.vulnerablecode.io/api/packages/87018?format=api", "purl": "pkg:apache/tomcat@8.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/86914?format=api", "purl": "pkg:apache/tomcat@9.0.0%2BM22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM22" }, { "url": "http://public2.vulnerablecode.io/api/packages/132688?format=api", "purl": "pkg:deb/debian/tomcat9@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/132690?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.118-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.118-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/132689?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/132687?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/132691?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/53964?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@7.0.79", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-et9y-m4hb-43h7" }, { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.79" }, { "url": "http://public2.vulnerablecode.io/api/packages/53965?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.0.45", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.45" }, { "url": "http://public2.vulnerablecode.io/api/packages/53966?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/63365?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0.M22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M22" }, { "url": "http://public2.vulnerablecode.io/api/packages/53967?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q1cf-qg1v-3ybr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/53931?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.79", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8fn4-hnez-y3eb" }, { "vulnerability": "VCID-et9y-m4hb-43h7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.79" }, { "url": "http://public2.vulnerablecode.io/api/packages/53932?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/53933?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M22" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/87103?format=api", "purl": "pkg:apache/tomcat@7.0.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/87116?format=api", "purl": "pkg:apache/tomcat@7.0.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.78" }, { "url": "http://public2.vulnerablecode.io/api/packages/87003?format=api", "purl": "pkg:apache/tomcat@8.0.0%2BRC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5m85-3zyu-7qak" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-e2gy-1c6a-6fdf" }, { "vulnerability": "VCID-fukm-h3r6-s7cr" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-j1m6-79yt-f7h5" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-n4zk-mdyw-3fcz" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xra9-q91u-rfd5" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.0%252BRC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87025?format=api", "purl": "pkg:apache/tomcat@8.0.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/86933?format=api", "purl": "pkg:apache/tomcat@8.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kgu-zupu-tydw" }, { "vulnerability": "VCID-2mj1-8nz1-43cd" }, { "vulnerability": "VCID-2qhv-x4j1-jqa7" }, { "vulnerability": "VCID-3nsr-9s9y-ckft" }, { "vulnerability": "VCID-3tme-zh53-7ubx" }, { "vulnerability": "VCID-4nx6-t8vd-bqcu" }, { "vulnerability": "VCID-4q7w-adqc-kydu" }, { "vulnerability": "VCID-59dd-qzpt-aucm" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-9e2b-7qtg-tbaj" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-ct4z-hxx3-53bw" }, { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-dbu6-fhrs-aubn" }, { "vulnerability": "VCID-dk58-p9py-rka9" }, { "vulnerability": "VCID-em96-kd99-3kf8" }, { "vulnerability": "VCID-essq-6syu-6ygm" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-h6f2-qgnu-bqf4" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-j66a-6et3-mfha" }, { "vulnerability": "VCID-jbh7-zmq6-bfgs" }, { "vulnerability": "VCID-jhm9-cqu3-7yce" }, { "vulnerability": "VCID-jsyt-cmxf-gbh3" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-m1k8-9pwc-1qb9" }, { "vulnerability": "VCID-m7ja-6efp-tyh1" }, { "vulnerability": "VCID-nxb3-55eu-auhp" }, { "vulnerability": "VCID-paqj-ye46-8bdb" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qth9-7326-hffp" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rbvh-4npk-nub9" }, { "vulnerability": "VCID-rhtz-91ke-kfbj" }, { "vulnerability": "VCID-rk89-9dw5-w3gg" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-urhs-6aus-syb1" }, { "vulnerability": "VCID-uuya-uqgv-kyfb" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-webw-gryb-7ucv" }, { "vulnerability": "VCID-wmb3-3j7y-due7" }, { "vulnerability": "VCID-wmrh-m1m3-uyav" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xns8-63b5-guf2" }, { "vulnerability": "VCID-y4a2-mamb-yqg6" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" }, { "vulnerability": "VCID-zba8-2zc4-9qfh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/87026?format=api", "purl": "pkg:apache/tomcat@8.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/86780?format=api", "purl": "pkg:apache/tomcat@9.0.0%2BM1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18rb-u2tu-affk" }, { "vulnerability": "VCID-1kgu-zupu-tydw" }, { "vulnerability": "VCID-2mj1-8nz1-43cd" }, { "vulnerability": "VCID-3nsr-9s9y-ckft" }, { "vulnerability": "VCID-3tme-zh53-7ubx" }, { "vulnerability": "VCID-4nx6-t8vd-bqcu" }, { "vulnerability": "VCID-4uag-c2s8-ubcd" }, { "vulnerability": "VCID-59dd-qzpt-aucm" }, { "vulnerability": "VCID-5ebw-zerz-u7bh" }, { "vulnerability": "VCID-5m85-3zyu-7qak" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-5ztb-ns6b-fuf9" }, { "vulnerability": "VCID-6kdt-2q2t-aqgy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-71mw-xrnv-9kec" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-84a8-y1hg-vuep" }, { "vulnerability": "VCID-9e2b-7qtg-tbaj" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-ac8p-uerd-ubfj" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-bxwn-g8gu-kkbn" }, { "vulnerability": "VCID-ct4z-hxx3-53bw" }, { "vulnerability": "VCID-cugj-j48z-jub5" }, { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-dk58-p9py-rka9" }, { "vulnerability": "VCID-e2gy-1c6a-6fdf" }, { "vulnerability": "VCID-em96-kd99-3kf8" }, { "vulnerability": "VCID-essq-6syu-6ygm" }, { "vulnerability": "VCID-fukm-h3r6-s7cr" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-gqtv-jvn4-eqe5" }, { "vulnerability": "VCID-hf8e-m14m-mbcx" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-hy8s-ks53-u3aq" }, { "vulnerability": "VCID-j1m6-79yt-f7h5" }, { "vulnerability": "VCID-j7w8-ean1-33b8" }, { "vulnerability": "VCID-jbh7-zmq6-bfgs" }, { "vulnerability": "VCID-jhm9-cqu3-7yce" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-kqng-d1f2-myg5" }, { "vulnerability": "VCID-m7ja-6efp-tyh1" }, { "vulnerability": "VCID-n4zk-mdyw-3fcz" }, { "vulnerability": "VCID-nxb3-55eu-auhp" }, { "vulnerability": "VCID-pmav-cxu6-1ua9" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qjqr-axrq-xkcf" }, { "vulnerability": "VCID-qth9-7326-hffp" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rbvh-4npk-nub9" }, { "vulnerability": "VCID-rhtz-91ke-kfbj" }, { "vulnerability": "VCID-rk89-9dw5-w3gg" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-s5kh-nebr-tba9" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-ud36-sb2d-8ych" }, { "vulnerability": "VCID-ujxe-ggfj-k3bh" }, { "vulnerability": "VCID-vhbh-3a89-x7cw" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-w9nk-wv5n-2kg9" }, { "vulnerability": "VCID-webw-gryb-7ucv" }, { "vulnerability": "VCID-wmb3-3j7y-due7" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xns8-63b5-guf2" }, { "vulnerability": "VCID-xra9-q91u-rfd5" }, { "vulnerability": "VCID-xtdv-ygus-xuds" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" }, { "vulnerability": "VCID-z4zd-puyg-g3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM1" }, { "url": "http://public2.vulnerablecode.io/api/packages/86917?format=api", "purl": "pkg:apache/tomcat@9.0.0%2BM21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM21" }, { "url": "http://public2.vulnerablecode.io/api/packages/53955?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@7.0.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/53956?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@7.0.50", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3txt-1psa-5kf5" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.50" }, { "url": "http://public2.vulnerablecode.io/api/packages/53957?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@7.0.52", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1a1b-3pdg-jbfq" }, { "vulnerability": "VCID-937w-2w2q-7fdy" }, { "vulnerability": "VCID-nnye-4xbb-kuf5" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.52" }, { "url": "http://public2.vulnerablecode.io/api/packages/53958?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@7.0.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.78" }, { "url": "http://public2.vulnerablecode.io/api/packages/62428?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.0.0.RC1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5m85-3zyu-7qak" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-e2gy-1c6a-6fdf" }, { "vulnerability": "VCID-fukm-h3r6-s7cr" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-j1m6-79yt-f7h5" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-n4zk-mdyw-3fcz" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xra9-q91u-rfd5" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0.RC1" }, { "url": "http://public2.vulnerablecode.io/api/packages/53959?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/53960?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.0.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/53961?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kgu-zupu-tydw" }, { "vulnerability": "VCID-2mj1-8nz1-43cd" }, { "vulnerability": "VCID-2qhv-x4j1-jqa7" }, { "vulnerability": "VCID-3nsr-9s9y-ckft" }, { "vulnerability": "VCID-3tme-zh53-7ubx" }, { "vulnerability": "VCID-4nx6-t8vd-bqcu" }, { "vulnerability": "VCID-4q7w-adqc-kydu" }, { "vulnerability": "VCID-59dd-qzpt-aucm" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-9e2b-7qtg-tbaj" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-ct4z-hxx3-53bw" }, { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-dbu6-fhrs-aubn" }, { "vulnerability": "VCID-dk58-p9py-rka9" }, { "vulnerability": "VCID-em96-kd99-3kf8" }, { "vulnerability": "VCID-essq-6syu-6ygm" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-h6f2-qgnu-bqf4" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-j66a-6et3-mfha" }, { "vulnerability": "VCID-jbh7-zmq6-bfgs" }, { "vulnerability": "VCID-jhm9-cqu3-7yce" }, { "vulnerability": "VCID-jsyt-cmxf-gbh3" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-kqng-d1f2-myg5" }, { "vulnerability": "VCID-m1k8-9pwc-1qb9" }, { "vulnerability": "VCID-m7ja-6efp-tyh1" }, { "vulnerability": "VCID-nxb3-55eu-auhp" }, { "vulnerability": "VCID-paqj-ye46-8bdb" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qth9-7326-hffp" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rbvh-4npk-nub9" }, { "vulnerability": "VCID-rhtz-91ke-kfbj" }, { "vulnerability": "VCID-rk89-9dw5-w3gg" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-urhs-6aus-syb1" }, { "vulnerability": "VCID-uuya-uqgv-kyfb" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-webw-gryb-7ucv" }, { "vulnerability": "VCID-wmb3-3j7y-due7" }, { "vulnerability": "VCID-wmrh-m1m3-uyav" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xns8-63b5-guf2" }, { "vulnerability": "VCID-y4a2-mamb-yqg6" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" }, { "vulnerability": "VCID-zba8-2zc4-9qfh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/53962?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/57776?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18rb-u2tu-affk" }, { "vulnerability": "VCID-1kgu-zupu-tydw" }, { "vulnerability": "VCID-2mj1-8nz1-43cd" }, { "vulnerability": "VCID-3nsr-9s9y-ckft" }, { "vulnerability": "VCID-3tme-zh53-7ubx" }, { "vulnerability": "VCID-4nx6-t8vd-bqcu" }, { "vulnerability": "VCID-4uag-c2s8-ubcd" }, { "vulnerability": "VCID-59dd-qzpt-aucm" }, { "vulnerability": "VCID-5ebw-zerz-u7bh" }, { "vulnerability": "VCID-5m85-3zyu-7qak" }, { "vulnerability": "VCID-5udv-rheh-kqfy" }, { "vulnerability": "VCID-5ztb-ns6b-fuf9" }, { "vulnerability": "VCID-6kdt-2q2t-aqgy" }, { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-71mw-xrnv-9kec" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-84a8-y1hg-vuep" }, { "vulnerability": "VCID-9e2b-7qtg-tbaj" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-ac8p-uerd-ubfj" }, { "vulnerability": "VCID-axzz-cadr-b7fv" }, { "vulnerability": "VCID-bxwn-g8gu-kkbn" }, { "vulnerability": "VCID-ct4z-hxx3-53bw" }, { "vulnerability": "VCID-cugj-j48z-jub5" }, { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-dk58-p9py-rka9" }, { "vulnerability": "VCID-e2gy-1c6a-6fdf" }, { "vulnerability": "VCID-em96-kd99-3kf8" }, { "vulnerability": "VCID-essq-6syu-6ygm" }, { "vulnerability": "VCID-fukm-h3r6-s7cr" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-gqtv-jvn4-eqe5" }, { "vulnerability": "VCID-hf8e-m14m-mbcx" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-hy8s-ks53-u3aq" }, { "vulnerability": "VCID-j1m6-79yt-f7h5" }, { "vulnerability": "VCID-j7w8-ean1-33b8" }, { "vulnerability": "VCID-jbh7-zmq6-bfgs" }, { "vulnerability": "VCID-jhm9-cqu3-7yce" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-kqng-d1f2-myg5" }, { "vulnerability": "VCID-m7ja-6efp-tyh1" }, { "vulnerability": "VCID-n4zk-mdyw-3fcz" }, { "vulnerability": "VCID-nxb3-55eu-auhp" }, { "vulnerability": "VCID-pmav-cxu6-1ua9" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qjqr-axrq-xkcf" }, { "vulnerability": "VCID-qth9-7326-hffp" }, { "vulnerability": "VCID-qthw-u9bp-zkdp" }, { "vulnerability": "VCID-rbvh-4npk-nub9" }, { "vulnerability": "VCID-rhtz-91ke-kfbj" }, { "vulnerability": "VCID-rk89-9dw5-w3gg" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-s37s-p75k-27e6" }, { "vulnerability": "VCID-s5kh-nebr-tba9" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-tcmv-6ftg-fqen" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-ud36-sb2d-8ych" }, { "vulnerability": "VCID-ujxe-ggfj-k3bh" }, { "vulnerability": "VCID-vhbh-3a89-x7cw" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-w9nk-wv5n-2kg9" }, { "vulnerability": "VCID-webw-gryb-7ucv" }, { "vulnerability": "VCID-wmb3-3j7y-due7" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" }, { "vulnerability": "VCID-xns8-63b5-guf2" }, { "vulnerability": "VCID-xra9-q91u-rfd5" }, { "vulnerability": "VCID-xtdv-ygus-xuds" }, { "vulnerability": "VCID-y9hs-ymcm-3ucx" }, { "vulnerability": "VCID-z4zd-puyg-g3bz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/62559?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0.M21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dast-z2hv-2yfe" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M21" }, { "url": "http://public2.vulnerablecode.io/api/packages/53963?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tme-zh53-7ubx" }, { "vulnerability": "VCID-59dd-qzpt-aucm" }, { "vulnerability": "VCID-8xdc-3kn9-b3e6" }, { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-dbu6-fhrs-aubn" }, { "vulnerability": "VCID-dk58-p9py-rka9" }, { "vulnerability": "VCID-essq-6syu-6ygm" }, { "vulnerability": "VCID-fqyx-8pgs-uqgg" }, { "vulnerability": "VCID-g3vd-74yh-s7bn" }, { "vulnerability": "VCID-nxb3-55eu-auhp" }, { "vulnerability": "VCID-q1cf-qg1v-3ybr" }, { "vulnerability": "VCID-q7g1-m4e7-pya4" }, { "vulnerability": "VCID-qth9-7326-hffp" }, { "vulnerability": "VCID-rtmv-qetu-yqfa" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-vu84-dfwa-z3dg" }, { "vulnerability": "VCID-webw-gryb-7ucv" }, { "vulnerability": "VCID-wmb3-3j7y-due7" }, { "vulnerability": "VCID-wmrh-m1m3-uyav" }, { "vulnerability": "VCID-xns8-63b5-guf2" }, { "vulnerability": "VCID-zba8-2zc4-9qfh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/53923?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@7" }, { "url": "http://public2.vulnerablecode.io/api/packages/53924?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.78" }, { "url": "http://public2.vulnerablecode.io/api/packages/53925?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8" }, { "url": "http://public2.vulnerablecode.io/api/packages/53926?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.0.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.0.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/53927?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/53928?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/53930?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M21" }, { "url": "http://public2.vulnerablecode.io/api/packages/53929?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6umz-z8db-kqcy" }, { "vulnerability": "VCID-7fh9-36qs-jfg5" }, { "vulnerability": "VCID-jzta-navk-87bn" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xa95-zsnk-3kg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/142642?format=api", "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/142644?format=api", "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/152976?format=api", "purl": "pkg:rpm/redhat/tomcat@7.0.76-3?arch=el7_4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9gz4-7etq-pyba" }, { "vulnerability": "VCID-et9y-m4hb-43h7" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-u95s-xhwk-vka6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@7.0.76-3%3Farch=el7_4" }, { "url": "http://public2.vulnerablecode.io/api/packages/142645?format=api", "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.70-22.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/142646?format=api", "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.70-22.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142639?format=api", "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat8@8.0.36-24.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/142638?format=api", "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat8@8.0.36-24.ep7%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/142650?format=api", "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/142649?format=api", "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4wy2-zsz2-a3ew" }, { "vulnerability": "VCID-bubv-9mb8-2bgh" }, { "vulnerability": "VCID-gmjm-6ck2-skgu" }, { "vulnerability": "VCID-hqzu-shyu-j3hp" }, { "vulnerability": "VCID-n74y-fd83-ybem" }, { "vulnerability": "VCID-se44-f85s-xyex" }, { "vulnerability": "VCID-u95s-xhwk-vka6" }, { "vulnerability": "VCID-xpn8-u26e-77ge" }, { "vulnerability": "VCID-yr3a-tnm4-wydt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7%3Farch=el7" } ], "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1801", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1802", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3081", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3081" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7674.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0592", "scoring_system": "epss", "scoring_elements": "0.90781", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat70/commit/52382ebfbce20a98b01cd9d37184a12703987a5a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat70/commit/52382ebfbce20a98b01cd9d37184a12703987a5a" }, { "reference_url": "https://github.com/apache/tomcat80/commit/f52c242d92d4563dd1226dcc993ec37370ba9ce3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat80/commit/f52c242d92d4563dd1226dcc993ec37370ba9ce3" }, { "reference_url": "https://github.com/apache/tomcat85/commit/9044c1672bbe4b2cf4c55028cc8b977cc62650e7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat85/commit/9044c1672bbe4b2cf4c55028cc8b977cc62650e7" }, { "reference_url": "https://github.com/apache/tomcat/commit/52382ebfbce20a98b01cd9d37184a12703987a5a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/52382ebfbce20a98b01cd9d37184a12703987a5a" }, { "reference_url": "https://github.com/apache/tomcat/commit/9044c1672bbe4b2cf4c55028cc8b977cc62650e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/9044c1672bbe4b2cf4c55028cc8b977cc62650e7" }, { "reference_url": "https://github.com/apache/tomcat/commit/b94478d45b7e1fc06134a785571f78772fa30fed", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/b94478d45b7e1fc06134a785571f78772fa30fed" }, { "reference_url": "https://lists.apache.org/thread/bol4f8wyjfsbo135tw9gy49o5nf8qpth", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/bol4f8wyjfsbo135tw9gy49o5nf8qpth" }, { "reference_url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f@%3Cannounce.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f@%3Cannounce.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f%40%3Cannounce.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f%40%3Cannounce.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85@%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85@%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85%40%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85%40%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e@%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e%40%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e%40%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4@%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4%40%3Cusers.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4%40%3Cusers.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180614-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20180614-0003" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us" }, { "reference_url": "https://svn.apache.org/viewvc?view=revision&revision=1795816", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?view=revision&revision=1795816" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1795813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1795813" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1795814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1795814" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1795815", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1795815" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=1795816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=1795816" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "https://tomcat.apache.org/security-8.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://tomcat.apache.org/security-8.html" }, { "reference_url": "https://web.archive.org/web/20171115015045/http://www.securityfocus.com/bid/100280", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20171115015045/http://www.securityfocus.com/bid/100280" }, { "reference_url": "https://web.archive.org/web/20210116171055/http://www.securityfocus.com/bid/100280", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210116171055/http://www.securityfocus.com/bid/100280" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3974", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2017/dsa-3974" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "reference_url": "http://www.securityfocus.com/bid/100280", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674", "reference_id": "CVE-2017-7674", "reference_type": "", "scores": [ { "value": "Moderate", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674", "reference_id": "CVE-2017-7674", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 345, "name": "Insufficient Verification of Data Authenticity", "description": "The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u95s-xhwk-vka6" }