Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/4427?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4427?format=api", "vulnerability_id": "VCID-2x6a-3gh1-rkhs", "summary": "Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload.\n\nThis issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4.\n\nUsers are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.", "aliases": [ { "alias": "CVE-2025-48976" }, { "alias": "GHSA-vv7r-c36w-3prj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/810?format=api", "purl": "pkg:apache/tomcat@9.0.106", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.106" }, { "url": "http://public2.vulnerablecode.io/api/packages/658?format=api", "purl": "pkg:apache/tomcat@10.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/590?format=api", "purl": "pkg:apache/tomcat@11.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/927027?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/927032?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053018?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/941305?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941327?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.46-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.46-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941326?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941309?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941307?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941308?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.52-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066849?format=api", "purl": "pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941331?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941330?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.15-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941328?format=api", "purl": "pkg:deb/debian/tomcat11@11.0.18-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941336?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941334?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941338?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941365?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.107-0%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.107-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941337?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049171?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.115-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/70733?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/70734?format=api", "purl": "pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M4" }, { "url": "http://public2.vulnerablecode.io/api/packages/811?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.106", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.106" }, { "url": "http://public2.vulnerablecode.io/api/packages/659?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.42" }, { "url": "http://public2.vulnerablecode.io/api/packages/591?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.8" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/370942?format=api", "purl": "pkg:alpm/archlinux/tomcat10@10.1.40-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/tomcat10@10.1.40-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/370941?format=api", "purl": "pkg:alpm/archlinux/tomcat9@9.0.100-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/tomcat9@9.0.100-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/792?format=api", "purl": "pkg:apache/tomcat@9.0.0%2BM1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18q4-zark-s7a7" }, { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-1hdb-24e3-f3d6" }, { "vulnerability": "VCID-1k8f-vsg1-k3d6" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2sbh-sy57-3uez" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-39e3-jfbg-s3hk" }, { "vulnerability": "VCID-3cr9-g81m-4ugy" }, { "vulnerability": "VCID-3n4t-bvb1-5qer" }, { "vulnerability": "VCID-3r3s-q21j-c3au" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4aaa-errb-2qdw" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-4tf3-7f5b-2ffu" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-68fk-4g86-ekbp" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-95d1-arxd-hkd1" }, { "vulnerability": "VCID-9exq-fhv6-bbea" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-aeeu-fpay-wufz" }, { "vulnerability": "VCID-arkn-bca7-hqam" }, { "vulnerability": "VCID-ayrd-8ntf-hkh3" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-enaj-f97c-jbh7" }, { "vulnerability": "VCID-f77q-v5xp-e7dy" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-fyfz-6tr5-2fc7" }, { "vulnerability": "VCID-g7bk-891a-uufy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-hmbm-5ysw-77bu" }, { "vulnerability": "VCID-hves-r5bg-yfes" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kagr-74d9-kyhx" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-kyb8-rvyw-s7b1" }, { "vulnerability": "VCID-m1zd-uytj-3bej" }, { "vulnerability": "VCID-m2zn-ja8d-7kg8" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n3zn-tuck-gkfe" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-tfrs-d458-tfaq" }, { "vulnerability": "VCID-u3ck-cvgt-fuhd" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vdnj-sqmx-e3ep" }, { "vulnerability": "VCID-vhjj-dnft-kkf4" }, { "vulnerability": "VCID-wbaq-j85q-y3c6" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-xf8r-kqxb-7qdy" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yxpq-rrry-j3h8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM1" }, { "url": "http://public2.vulnerablecode.io/api/packages/812?format=api", "purl": "pkg:apache/tomcat@9.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.105" }, { "url": "http://public2.vulnerablecode.io/api/packages/642?format=api", "purl": "pkg:apache/tomcat@10.1.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/660?format=api", "purl": "pkg:apache/tomcat@10.1.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/572?format=api", "purl": "pkg:apache/tomcat@11.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/592?format=api", "purl": "pkg:apache/tomcat@11.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/572075?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.0-12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.0-12" }, { "url": "http://public2.vulnerablecode.io/api/packages/572076?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.0-14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.0-14" }, { "url": "http://public2.vulnerablecode.io/api/packages/572077?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.2.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.2.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/572078?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.2.2-1%2Bdeb6u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.2.2-1%252Bdeb6u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/572079?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.2.2-1%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.2.2-1%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1048996?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.3.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.3.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1048997?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.3.1-1%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.3.1-1%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050392?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.3.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.3.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053016?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.3.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.3.3-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053017?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053018?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/927025?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/927028?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.5-1.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.5-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1055566?format=api", "purl": "pkg:deb/debian/libcommons-fileupload-java@1.5-1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcommons-fileupload-java@1.5-1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049132?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.31-1~deb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-dy6m-zt6r-9ubd" }, { "vulnerability": "VCID-dzan-r49k-kqab" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-ran8-rnqn-tkbc" }, { "vulnerability": "VCID-rq42-qvsy-hue6" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-xt59-cnmj-2bf8" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-z2pq-cv2w-nfdk" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049133?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.43-2~deb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-35xg-a746-5qgc" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8e1c-rbkg-v7c2" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-rsxs-u5cc-rkgj" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049169?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.70-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049170?format=api", "purl": "pkg:deb/debian/tomcat9@9.0.95-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-2zq1-na8s-mfdd" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/143412?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/148388?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/148389?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20250?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-kqjy-kvpx-kub8" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20251?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" }, { "vulnerability": "VCID-gv12-4ruf-kfhq" }, { "vulnerability": "VCID-jc2q-ht2b-cfhx" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20459?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22668?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-d571-6zkc-jfdy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23226?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/360457?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-56jv-htmt-rkew" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/56018?format=api", "purl": "pkg:maven/commons-fileupload/commons-fileupload@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/commons-fileupload/commons-fileupload@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/570556?format=api", "purl": "pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/774586?format=api", "purl": "pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M2" }, { "url": "http://public2.vulnerablecode.io/api/packages/774587?format=api", "purl": "pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2x6a-3gh1-rkhs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.commons/commons-fileupload2-core@2.0.0-M3" }, { "url": "http://public2.vulnerablecode.io/api/packages/795?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18q4-zark-s7a7" }, { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-1hdb-24e3-f3d6" }, { "vulnerability": "VCID-1k8f-vsg1-k3d6" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2sbh-sy57-3uez" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-39e3-jfbg-s3hk" }, { "vulnerability": "VCID-3cr9-g81m-4ugy" }, { "vulnerability": "VCID-3n4t-bvb1-5qer" }, { "vulnerability": "VCID-3r3s-q21j-c3au" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-46bv-6b7y-3bca" }, { "vulnerability": "VCID-4aaa-errb-2qdw" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-4tf3-7f5b-2ffu" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-66kh-s6cr-tqf9" }, { "vulnerability": "VCID-68fk-4g86-ekbp" }, { "vulnerability": "VCID-885s-t4dx-dybv" }, { "vulnerability": "VCID-95d1-arxd-hkd1" }, { "vulnerability": "VCID-9exq-fhv6-bbea" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-a8gk-n8bq-87cp" }, { "vulnerability": "VCID-aeeu-fpay-wufz" }, { "vulnerability": "VCID-arkn-bca7-hqam" }, { "vulnerability": "VCID-ayrd-8ntf-hkh3" }, { "vulnerability": "VCID-dzpn-w4b3-vbcm" }, { "vulnerability": "VCID-eb37-mkxf-7fgw" }, { "vulnerability": "VCID-enaj-f97c-jbh7" }, { "vulnerability": "VCID-f77q-v5xp-e7dy" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-fyfz-6tr5-2fc7" }, { "vulnerability": "VCID-g7bk-891a-uufy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-hmbm-5ysw-77bu" }, { "vulnerability": "VCID-hves-r5bg-yfes" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-k9cg-ehdw-dbh6" }, { "vulnerability": "VCID-kagr-74d9-kyhx" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-kwab-3s4q-eka4" }, { "vulnerability": "VCID-kyb8-rvyw-s7b1" }, { "vulnerability": "VCID-m1zd-uytj-3bej" }, { "vulnerability": "VCID-m2zn-ja8d-7kg8" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n3ab-nk7c-hqc9" }, { "vulnerability": "VCID-n3zn-tuck-gkfe" }, { "vulnerability": "VCID-nvbx-q971-skgm" }, { "vulnerability": "VCID-pqxe-tfhk-47b7" }, { "vulnerability": "VCID-ruuh-g3fa-m7d8" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-t2ne-75ck-eqcr" }, { "vulnerability": "VCID-tfrs-d458-tfaq" }, { "vulnerability": "VCID-u3ck-cvgt-fuhd" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vdnj-sqmx-e3ep" }, { "vulnerability": "VCID-vhjj-dnft-kkf4" }, { "vulnerability": "VCID-wbaq-j85q-y3c6" }, { "vulnerability": "VCID-wgsc-dnn1-ukeq" }, { "vulnerability": "VCID-xf8r-kqxb-7qdy" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yfx4-4gsc-2kgh" }, { "vulnerability": "VCID-yxpq-rrry-j3h8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/813?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.105", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.105" }, { "url": "http://public2.vulnerablecode.io/api/packages/645?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-56jv-htmt-rkew" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-6pm1-byhk-eqfg" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-j8tk-s915-pbfy" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-nmq2-8ysj-4fbc" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-p8q2-pt96-5ye8" }, { "vulnerability": "VCID-qkx6-32cj-jfbp" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-stds-vw5z-auhp" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-wptr-hkjx-s7c3" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/661?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.41" }, { "url": "http://public2.vulnerablecode.io/api/packages/575?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2rmy-13ym-3bgm" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-3vdn-j7sj-dfdn" }, { "vulnerability": "VCID-43j2-w5xt-43g9" }, { "vulnerability": "VCID-4cag-c4pb-dfaz" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-5sgv-7nsz-5fa8" }, { "vulnerability": "VCID-74tx-sx8a-guhs" }, { "vulnerability": "VCID-8mns-kw6c-a7dk" }, { "vulnerability": "VCID-8myk-ac5b-huh8" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-b3bb-9ajg-sfc9" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-cfhw-vmcp-y3bc" }, { "vulnerability": "VCID-d1fm-vbd1-n7au" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-gvhy-d4gm-57d3" }, { "vulnerability": "VCID-gyed-x6s8-ybhr" }, { "vulnerability": "VCID-j6cj-ftyd-3ffa" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" }, { "vulnerability": "VCID-kukv-k3z7-7fgs" }, { "vulnerability": "VCID-maw6-4qs5-ykae" }, { "vulnerability": "VCID-n9yk-e49f-n7e7" }, { "vulnerability": "VCID-p6pa-f1fg-hbhg" }, { "vulnerability": "VCID-rzj2-4kcj-43dq" }, { "vulnerability": "VCID-sr8e-w1qk-r7fz" }, { "vulnerability": "VCID-v7tp-1t4h-zqeg" }, { "vulnerability": "VCID-v8ku-sjc8-wfga" }, { "vulnerability": "VCID-vsdf-4tfj-uybe" }, { "vulnerability": "VCID-xqjr-7xfw-mbh2" }, { "vulnerability": "VCID-y9ne-rw7e-vugf" }, { "vulnerability": "VCID-yrzk-1dbk-muhy" }, { "vulnerability": "VCID-zw2q-kna8-mqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1" }, { "url": "http://public2.vulnerablecode.io/api/packages/593?format=api", "purl": "pkg:maven/org.apache.tomcat/tomcat@11.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2kku-pzer-9ufv" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-8war-4v58-eub2" }, { "vulnerability": "VCID-bks8-nvm9-vbgy" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/89782?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1?arch=el8jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1%3Farch=el8jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89781?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1?arch=el9jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1%3Farch=el9jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89783?format=api", "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1?arch=el7jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-12.redhat_00011.1%3Farch=el7jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89784?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1?arch=el8jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1%3Farch=el8jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89785?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1?arch=el9jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1%3Farch=el9jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89786?format=api", "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1?arch=el10jws", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.36-7.redhat_00008.1%3Farch=el10jws" }, { "url": "http://public2.vulnerablecode.io/api/packages/89443?format=api", "purl": "pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8?arch=7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8%3Farch=7" }, { "url": "http://public2.vulnerablecode.io/api/packages/89444?format=api", "purl": "pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10?arch=6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10%3Farch=6" }, { "url": "http://public2.vulnerablecode.io/api/packages/89451?format=api", "purl": "pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2?arch=6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2%3Farch=6" }, { "url": "http://public2.vulnerablecode.io/api/packages/89450?format=api", "purl": "pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4?arch=6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4%3Farch=6" }, { "url": "http://public2.vulnerablecode.io/api/packages/89449?format=api", "purl": "pkg:rpm/redhat/tomcat@1:9.0.87-3.el9_6?arch=3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-3.el9_6%3Farch=3" }, { "url": "http://public2.vulnerablecode.io/api/packages/89452?format=api", "purl": "pkg:rpm/redhat/tomcat@1:10.1.36-1.el10_0?arch=2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:10.1.36-1.el10_0%3Farch=2" }, { "url": "http://public2.vulnerablecode.io/api/packages/89448?format=api", "purl": "pkg:rpm/redhat/tomcat9@1:9.0.87-5.el10_0?arch=3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e6p-cppr-2bh2" }, { "vulnerability": "VCID-246u-a4rh-yyd4" }, { "vulnerability": "VCID-2x6a-3gh1-rkhs" }, { "vulnerability": "VCID-9kfe-1esf-uydm" }, { "vulnerability": "VCID-fpgj-82wf-ykbw" }, { "vulnerability": "VCID-gb2v-96xj-ybad" }, { "vulnerability": "VCID-k59r-wjt3-wqe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat9@1:9.0.87-5.el10_0%3Farch=3" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57306", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57255", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63959", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63921", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01278", "scoring_system": "epss", "scoring_elements": "0.79556", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01278", "scoring_system": "epss", "scoring_elements": "0.79586", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01278", "scoring_system": "epss", "scoring_elements": "0.79564", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48976" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/commons-fileupload", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload" }, { "reference_url": "https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b" }, { "reference_url": "https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497" }, { "reference_url": "https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86" }, { "reference_url": "https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7" }, { "reference_url": "https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93" }, { "reference_url": "https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:04:56Z/" } ], "url": "https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48976", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48976" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/06/16/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/06/16/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118", "reference_id": "1108118", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119", "reference_id": "1108119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108119" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120", "reference_id": "1108120", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108120" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373020", "reference_id": "2373020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373020" }, { "reference_url": "https://security.archlinux.org/AVG-2888", "reference_id": "AVG-2888", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2888" }, { "reference_url": "https://security.archlinux.org/AVG-2889", "reference_id": "AVG-2889", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2889" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976", "reference_id": "CVE-2025-48976", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976" }, { "reference_url": "https://github.com/advisories/GHSA-vv7r-c36w-3prj", "reference_id": "GHSA-vv7r-c36w-3prj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vv7r-c36w-3prj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11695", "reference_id": "RHSA-2025:11695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11696", "reference_id": "RHSA-2025:11696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11741", "reference_id": "RHSA-2025:11741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11742", "reference_id": "RHSA-2025:11742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14177", "reference_id": "RHSA-2025:14177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14178", "reference_id": "RHSA-2025:14178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14179", "reference_id": "RHSA-2025:14179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14180", "reference_id": "RHSA-2025:14180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14181", "reference_id": "RHSA-2025:14181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14182", "reference_id": "RHSA-2025:14182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14183", "reference_id": "RHSA-2025:14183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14183" } ], "weaknesses": [ { "cwe_id": 770, "name": "Allocation of Resources Without Limits or Throttling", "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "5.3 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2x6a-3gh1-rkhs" }