Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/4423?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4423?format=api", "vulnerability_id": "VCID-2kku-pzer-9ufv", "summary": "Session Fixation vulnerability in Apache Tomcat via rewrite valve.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\nOlder, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.", "aliases": [ { "alias": "CVE-2025-55668" }, { "alias": "GHSA-23hv-mwm6-g8jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/810?format=api", "purl": "pkg:apache/tomcat@9.0.106", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.106" }, { "url": "http://public2.vulnerablecode.io/api/packages/658?format=api", "purl": "pkg:apache/tomcat@10.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/590?format=api", "purl": "pkg:apache/tomcat@11.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/941305?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941327?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.46-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.46-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941326?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941309?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941307?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941308?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066849?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941331?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941330?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.15-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941328?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067645?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.21-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941336?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049169?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.70-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/941334?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941338?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941337?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/811?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.106", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106" }, { "url": "http://public2.vulnerablecode.io/api/packages/659?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/591?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69715?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.106", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.106" }, { "url": "http://public2.vulnerablecode.io/api/packages/69714?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.42", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/69713?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.8" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/792?format=api", "purl": "pkg:apache/tomcat@9.0.0%2BM1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18q4-zark-s7a7" }, { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-1hdb-24e3-f3d6" }, { "vulnerability": "VCID-1k8f-vsg1-k3d6" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2sbh-sy57-3uez" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-39e3-jfbg-s3hk" }, { "vulnerability": "VCID-3cr9-g81m-4ugy" }, { "vulnerability": "VCID-3n4t-bvb1-5qer" }, { "vulnerability": "VCID-3r3s-q21j-c3au" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4aaa-errb-2qdw" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-4tf3-7f5b-2ffu" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-68fk-4g86-ekbp" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-95d1-arxd-hkd1" }, { "vulnerability": "VCID-9exq-fhv6-bbea" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-aeeu-fpay-wufz" }, { "vulnerability": "VCID-arkn-bca7-hqam" }, { "vulnerability": "VCID-ayrd-8ntf-hkh3" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-enaj-f97c-jbh7" }, { "vulnerability": "VCID-f77q-v5xp-e7dy" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-fyfz-6tr5-2fc7" }, { "vulnerability": "VCID-g7bk-891a-uufy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-hmbm-5ysw-77bu" }, { "vulnerability": "VCID-hves-r5bg-yfes" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kagr-74d9-kyhx" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-kyb8-rvyw-s7b1" }, { "vulnerability": "VCID-m1zd-uytj-3bej" }, { "vulnerability": "VCID-m2zn-ja8d-7kg8" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n3zn-tuck-gkfe" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-tfrs-d458-tfaq" }, { "vulnerability": "VCID-u3ck-cvgt-fuhd" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vdnj-sqmx-e3ep" }, { "vulnerability": "VCID-vhjj-dnft-kkf4" }, { "vulnerability": "VCID-wbaq-j85q-y3c6" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-xf8r-kqxb-7qdy" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yxpq-rrry-j3h8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM1" }, { "url": "http://public2.vulnerablecode.io/api/packages/812?format=api", "purl": "pkg:apache/tomcat@9.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.105" }, { "url": "http://public2.vulnerablecode.io/api/packages/642?format=api", "purl": "pkg:apache/tomcat@10.1.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/660?format=api", "purl": "pkg:apache/tomcat@10.1.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/572?format=api", "purl": "pkg:apache/tomcat@11.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/592?format=api", "purl": "pkg:apache/tomcat@11.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049132?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.31-1~deb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-dy6m-zt6r-9ubd" }, { "vulnerability": "VCID-dzan-r49k-kqab" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-ran8-rnqn-tkbc" }, { "vulnerability": "VCID-rq42-qvsy-hue6" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-xt59-cnmj-2bf8" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-z2pq-cv2w-nfdk" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049133?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.43-2~deb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/795?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18q4-zark-s7a7" }, { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-1hdb-24e3-f3d6" }, { "vulnerability": "VCID-1k8f-vsg1-k3d6" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2sbh-sy57-3uez" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-39e3-jfbg-s3hk" }, { "vulnerability": "VCID-3cr9-g81m-4ugy" }, { "vulnerability": "VCID-3n4t-bvb1-5qer" }, { "vulnerability": "VCID-3r3s-q21j-c3au" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4aaa-errb-2qdw" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-4tf3-7f5b-2ffu" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-68fk-4g86-ekbp" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-95d1-arxd-hkd1" }, { "vulnerability": "VCID-9exq-fhv6-bbea" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-aeeu-fpay-wufz" }, { "vulnerability": "VCID-arkn-bca7-hqam" }, { "vulnerability": "VCID-ayrd-8ntf-hkh3" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-enaj-f97c-jbh7" }, { "vulnerability": "VCID-f77q-v5xp-e7dy" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-fyfz-6tr5-2fc7" }, { "vulnerability": "VCID-g7bk-891a-uufy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-hmbm-5ysw-77bu" }, { "vulnerability": "VCID-hves-r5bg-yfes" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kagr-74d9-kyhx" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-kyb8-rvyw-s7b1" }, { "vulnerability": "VCID-m1zd-uytj-3bej" }, { "vulnerability": "VCID-m2zn-ja8d-7kg8" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n3zn-tuck-gkfe" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-tfrs-d458-tfaq" }, { "vulnerability": "VCID-u3ck-cvgt-fuhd" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vdnj-sqmx-e3ep" }, { "vulnerability": "VCID-vhjj-dnft-kkf4" }, { "vulnerability": "VCID-wbaq-j85q-y3c6" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-xf8r-kqxb-7qdy" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yxpq-rrry-j3h8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/813?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.105" }, { "url": "http://public2.vulnerablecode.io/api/packages/645?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/661?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/575?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/593?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/24529?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-3cr9-g81m-4ugy" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-95d1-arxd-hkd1" }, { "vulnerability": "VCID-enaj-f97c-jbh7" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-hmbm-5ysw-77bu" }, { "vulnerability": "VCID-hves-r5bg-yfes" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vdnj-sqmx-e3ep" }, { "vulnerability": "VCID-xf8r-kqxb-7qdy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/146608?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/146606?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/88380?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el8jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el8jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/88382?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el10jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el10jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/88381?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el9jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el9jws" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03645", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0367", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04307", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55668" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6" }, { "reference_url": "https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21" }, { "reference_url": "https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95" }, { "reference_url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:38:12Z/" } ], "url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55668", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55668" }, { "reference_url": "https://tomcat.apache.org/security-10.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-10.html" }, { "reference_url": "https://tomcat.apache.org/security-11.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-11.html" }, { "reference_url": "https://tomcat.apache.org/security-9.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-9.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/08/13/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/08/13/3" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098", "reference_id": "1111098", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099", "reference_id": "1111099", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111099" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388226", "reference_id": "2388226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668", "reference_id": "CVE-2025-55668", "reference_type": "", "scores": [ { "value": "Moderate", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55668" }, { "reference_url": "https://github.com/advisories/GHSA-23hv-mwm6-g8jf", "reference_id": "GHSA-23hv-mwm6-g8jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-23hv-mwm6-g8jf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2740", "reference_id": "RHSA-2026:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2741", "reference_id": "RHSA-2026:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2741" } ], "weaknesses": [ { "cwe_id": 384, "name": "Session Fixation", "description": "Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2kku-pzer-9ufv" }