Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-p6pa-f1fg-hbhg

Summary

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.

Older, EOL versions may also be affected.


Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

Aliases

alias	CVE-2024-23672

alias	GHSA-v682-8vv8-vpwr

Fixed_packages

url	pkg:apache/tomcat@8.5.99
purl	pkg:apache/tomcat@8.5.99
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.99

url	pkg:apache/tomcat@9.0.86
purl	pkg:apache/tomcat@9.0.86
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.86

url	pkg:apache/tomcat@10.1.19
purl	pkg:apache/tomcat@10.1.19
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.19

url	pkg:apache/tomcat@11.0.0-M17
purl	pkg:apache/tomcat@11.0.0-M17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M17

url	pkg:deb/debian/tomcat10@10.1.6-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.6-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.6-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.20-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.20-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.20-1%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.52-2?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.52-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1%3Fdistro=trixie

url pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

purl pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie

url pkg:maven/org.apache.tomcat/tomcat@8.5.99

purl pkg:maven/org.apache.tomcat/tomcat@8.5.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g7bk-891a-uufy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.99

url pkg:maven/org.apache.tomcat/tomcat@9.0.86

purl pkg:maven/org.apache.tomcat/tomcat@9.0.86

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.86

url pkg:maven/org.apache.tomcat/tomcat@10.1.19

purl pkg:maven/org.apache.tomcat/tomcat@10.1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.19

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M17

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M17

url	pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.99
purl	pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.99
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.99

url	pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.86
purl	pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.86
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.86

url	pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.19
purl	pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.19
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.19

url	pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17
purl	pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.99
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.99
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.99

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.86
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.86
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.86

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.19
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.19
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.19

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M17
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M17

Affected_packages

url pkg:apache/tomcat@8.5.0

purl pkg:apache/tomcat@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-39e3-jfbg-s3hk

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vdnj-sqmx-e3ep

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-wgsc-dnn1-ukeq

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-yxpq-rrry-j3h8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.0

url pkg:apache/tomcat@8.5.98

purl pkg:apache/tomcat@8.5.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.98

url pkg:apache/tomcat@9.0.0-M1

purl pkg:apache/tomcat@9.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0-M1

url pkg:apache/tomcat@9.0.85

purl pkg:apache/tomcat@9.0.85

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.85

url pkg:apache/tomcat@10.1.0-M1

purl pkg:apache/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-6pm1-byhk-eqfg

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-stds-vw5z-auhp

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wptr-hkjx-s7c3

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.0-M1

url pkg:apache/tomcat@10.1.18

purl pkg:apache/tomcat@10.1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.18

url pkg:apache/tomcat@11.0.0-M1

purl pkg:apache/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1

url pkg:apache/tomcat@11.0.0-M16

purl pkg:apache/tomcat@11.0.0-M16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M16

url pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

purl pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-6pm1-byhk-eqfg

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-stds-vw5z-auhp

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wgsc-dnn1-ukeq

vulnerability	VCID-wptr-hkjx-s7c3

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-xt59-cnmj-2bf8

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-z2pq-cv2w-nfdk

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

url pkg:maven/org.apache.tomcat/tomcat@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-39e3-jfbg-s3hk

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vdnj-sqmx-e3ep

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-wgsc-dnn1-ukeq

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-yxpq-rrry-j3h8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.0

url pkg:maven/org.apache.tomcat/tomcat@8.5.98

purl pkg:maven/org.apache.tomcat/tomcat@8.5.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.98

url pkg:maven/org.apache.tomcat/tomcat@9.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat@9.0.85

purl pkg:maven/org.apache.tomcat/tomcat@9.0.85

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.85

url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-6pm1-byhk-eqfg

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-stds-vw5z-auhp

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wptr-hkjx-s7c3

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat@10.1.18

purl pkg:maven/org.apache.tomcat/tomcat@10.1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.18

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-bks8-nvm9-vbgy

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M16

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M16

url pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.0

url pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.98

purl pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@8.5.98

url pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.85

purl pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.85

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.85

url pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18

purl pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18

url pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M16

purl pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M16

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.98

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.98

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.85

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.85

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.85

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.18

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.18

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M16

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0-M16

url pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el8jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1%3Farch=el8jws

url pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el7jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el7jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1%3Farch=el7jws

url pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el9jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1?arch=el9jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1%3Farch=el9jws

url pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1?arch=el8jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1%3Farch=el8jws

url pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1?arch=el9jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1?arch=el9jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1%3Farch=el9jws

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8?arch=2

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8%3Farch=2

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10?arch=1

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10%3Farch=1

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2?arch=1

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2%3Farch=1

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4?arch=1

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23672.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23672.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-23672

reference_id

reference_type

scores

value	0.01061
scoring_system	epss
scoring_elements	0.77679
published_at	2026-04-18T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77681
published_at	2026-04-16T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77643
published_at	2026-04-13T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77645
published_at	2026-04-12T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77661
published_at	2026-04-11T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77635
published_at	2026-04-09T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77629
published_at	2026-04-08T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.776
published_at	2026-04-07T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77618
published_at	2026-04-04T12:55:00Z

value	0.01061
scoring_system	epss
scoring_elements	0.77592
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-23672

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/0052b374684b613b0c849899b325ebe334ac6501

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0052b374684b613b0c849899b325ebe334ac6501

reference_url

https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591

reference_url

https://github.com/apache/tomcat/commit/52d6650e062d880704898d7d8c1b2b7a3efe8068

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/52d6650e062d880704898d7d8c1b2b7a3efe8068

reference_url

https://github.com/apache/tomcat/commit/b0e3b1bd78de270d53e319d7cb79eb282aa53cb9

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b0e3b1bd78de270d53e319d7cb79eb282aa53cb9

reference_url

https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T18:10:26Z/

url

https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-23672

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-23672

reference_url

https://security.netapp.com/advisory/ntap-20240402-0002

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240402-0002

reference_url

http://www.openwall.com/lists/oss-security/2024/03/13/4

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/03/13/4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066877
reference_id	1066877
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066877

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2269608
reference_id	2269608
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2269608

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23672

reference_id

CVE-2024-23672

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23672

reference_url

https://github.com/advisories/GHSA-v682-8vv8-vpwr

reference_id

GHSA-v682-8vv8-vpwr

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v682-8vv8-vpwr

reference_url	https://access.redhat.com/errata/RHSA-2024:1913
reference_id	RHSA-2024:1913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1913

reference_url	https://access.redhat.com/errata/RHSA-2024:1914
reference_id	RHSA-2024:1914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1914

reference_url	https://access.redhat.com/errata/RHSA-2024:1916
reference_id	RHSA-2024:1916
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1916

reference_url	https://access.redhat.com/errata/RHSA-2024:1917
reference_id	RHSA-2024:1917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1917

reference_url	https://access.redhat.com/errata/RHSA-2024:3307
reference_id	RHSA-2024:3307
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3307

reference_url	https://access.redhat.com/errata/RHSA-2024:3308
reference_id	RHSA-2024:3308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3308

reference_url	https://access.redhat.com/errata/RHSA-2024:3666
reference_id	RHSA-2024:3666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3666

reference_url	https://access.redhat.com/errata/RHSA-2024:3814
reference_id	RHSA-2024:3814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3814

reference_url	https://usn.ubuntu.com/7106-1/
reference_id	USN-7106-1
reference_type
scores
url	https://usn.ubuntu.com/7106-1/

reference_url	https://usn.ubuntu.com/7562-1/
reference_id	USN-7562-1
reference_type
scores
url	https://usn.ubuntu.com/7562-1/

Weaknesses

cwe_id	459
name	Incomplete Cleanup
description	The product does not properly clean up and remove temporary or supporting resources after they have been used.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p6pa-f1fg-hbhg

Vulnerability Instance