Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-rq42-qvsy-hue6

Summary The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Aliases

alias	CVE-2019-17569

alias	GHSA-767j-jfh2-jvrc

Fixed_packages

url	pkg:apache/tomcat@7.0.100
purl	pkg:apache/tomcat@7.0.100
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.100

url	pkg:apache/tomcat@8.5.51
purl	pkg:apache/tomcat@8.5.51
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.51

url	pkg:apache/tomcat@9.0.31
purl	pkg:apache/tomcat@9.0.31
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.31

url	pkg:deb/debian/tomcat8@8.5.54-0%2Bdeb9u1
purl	pkg:deb/debian/tomcat8@8.5.54-0%2Bdeb9u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.5.54-0%252Bdeb9u1

url	pkg:deb/debian/tomcat9@9.0.31-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.31-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1%3Fdistro=trixie

url pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

purl pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie

url pkg:maven/org.apache.tomcat/tomcat@7.0.100

purl pkg:maven/org.apache.tomcat/tomcat@7.0.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-yrzk-1dbk-muhy

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.100

url pkg:maven/org.apache.tomcat/tomcat@8.5.51

purl pkg:maven/org.apache.tomcat/tomcat@8.5.51

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51

url pkg:maven/org.apache.tomcat/tomcat@9.0.31

purl pkg:maven/org.apache.tomcat/tomcat@9.0.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.100

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.100

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

Affected_packages

url pkg:apache/tomcat@7.0.98

purl pkg:apache/tomcat@7.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.98

url pkg:apache/tomcat@7.0.99

purl pkg:apache/tomcat@7.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.99

url pkg:apache/tomcat@8.5.48

purl pkg:apache/tomcat@8.5.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.48

url pkg:apache/tomcat@8.5.50

purl pkg:apache/tomcat@8.5.50

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.50

url pkg:apache/tomcat@9.0.28

purl pkg:apache/tomcat@9.0.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.28

url pkg:apache/tomcat@9.0.30

purl pkg:apache/tomcat@9.0.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.30

url pkg:deb/debian/tomcat8@8.0.14-1~bpo70%2B2

purl pkg:deb/debian/tomcat8@8.0.14-1~bpo70%2B2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-9exq-fhv6-bbea

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-bk88-51w4-mfcn

vulnerability	VCID-ce78-p29q-4khb

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g45v-nvj6-ekat

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kp65-9ap8-yuau

vulnerability	VCID-kyb8-rvyw-s7b1

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-qrpd-nsdz-3ba5

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-vhjj-dnft-kkf4

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1~bpo70%252B2

url pkg:deb/debian/tomcat8@8.0.14-1

purl pkg:deb/debian/tomcat8@8.0.14-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-9exq-fhv6-bbea

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-bk88-51w4-mfcn

vulnerability	VCID-ce78-p29q-4khb

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g45v-nvj6-ekat

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kp65-9ap8-yuau

vulnerability	VCID-kyb8-rvyw-s7b1

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-qrpd-nsdz-3ba5

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-vhjj-dnft-kkf4

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1

url pkg:deb/debian/tomcat8@8.0.14-1%2Bdeb8u11

purl pkg:deb/debian/tomcat8@8.0.14-1%2Bdeb8u11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1%252Bdeb8u11

url pkg:deb/debian/tomcat8@8.5.11-1~bpo7%2B1

purl pkg:deb/debian/tomcat8@8.5.11-1~bpo7%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.5.11-1~bpo7%252B1

url pkg:deb/debian/tomcat8@8.5.14-1~bpo8%2B1

purl pkg:deb/debian/tomcat8@8.5.14-1~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.5.14-1~bpo8%252B1

url pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

purl pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e6p-cppr-2bh2

vulnerability	VCID-246u-a4rh-yyd4

vulnerability	VCID-2kku-pzer-9ufv

vulnerability	VCID-2rmy-13ym-3bgm

vulnerability	VCID-2x6a-3gh1-rkhs

vulnerability	VCID-2zq1-na8s-mfdd

vulnerability	VCID-35xg-a746-5qgc

vulnerability	VCID-3vdn-j7sj-dfdn

vulnerability	VCID-43j2-w5xt-43g9

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4cag-c4pb-dfaz

vulnerability	VCID-56jv-htmt-rkew

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5sgv-7nsz-5fa8

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-6pm1-byhk-eqfg

vulnerability	VCID-74tx-sx8a-guhs

vulnerability	VCID-885s-t4dx-dybv

vulnerability	VCID-8e1c-rbkg-v7c2

vulnerability	VCID-8mns-kw6c-a7dk

vulnerability	VCID-8myk-ac5b-huh8

vulnerability	VCID-8war-4v58-eub2

vulnerability	VCID-9kfe-1esf-uydm

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-cfhw-vmcp-y3bc

vulnerability	VCID-d1fm-vbd1-n7au

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-gb2v-96xj-ybad

vulnerability	VCID-gvhy-d4gm-57d3

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k59r-wjt3-wqe5

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kukv-k3z7-7fgs

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-maw6-4qs5-ykae

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n9yk-e49f-n7e7

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-nvbx-q971-skgm

vulnerability	VCID-p6pa-f1fg-hbhg

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-rsxs-u5cc-rkgj

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-rzj2-4kcj-43dq

vulnerability	VCID-sr8e-w1qk-r7fz

vulnerability	VCID-stds-vw5z-auhp

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-v8ku-sjc8-wfga

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-wgsc-dnn1-ukeq

vulnerability	VCID-wptr-hkjx-s7c3

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-xt59-cnmj-2bf8

vulnerability	VCID-y9ne-rw7e-vugf

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-yrzk-1dbk-muhy

vulnerability	VCID-z2pq-cv2w-nfdk

vulnerability	VCID-zw2q-kna8-mqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

url pkg:maven/org.apache.tomcat/tomcat@7.0.98

purl pkg:maven/org.apache.tomcat/tomcat@7.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.98

url pkg:maven/org.apache.tomcat/tomcat@7.0.99

purl pkg:maven/org.apache.tomcat/tomcat@7.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.99

url pkg:maven/org.apache.tomcat/tomcat@8.5.48

purl pkg:maven/org.apache.tomcat/tomcat@8.5.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.48

url pkg:maven/org.apache.tomcat/tomcat@8.5.49

purl pkg:maven/org.apache.tomcat/tomcat@8.5.49

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.49

url pkg:maven/org.apache.tomcat/tomcat@8.5.50

purl pkg:maven/org.apache.tomcat/tomcat@8.5.50

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.50

url pkg:maven/org.apache.tomcat/tomcat@9.0.28

purl pkg:maven/org.apache.tomcat/tomcat@9.0.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.28

url pkg:maven/org.apache.tomcat/tomcat@9.0.29

purl pkg:maven/org.apache.tomcat/tomcat@9.0.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.29

url pkg:maven/org.apache.tomcat/tomcat@9.0.30

purl pkg:maven/org.apache.tomcat/tomcat@9.0.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.30

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.98

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.98

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.99

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.99

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.48

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.48

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.28

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rq42-qvsy-hue6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.28

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzan-r49k-kqab

vulnerability	VCID-e7kd-kk57-mkd6

vulnerability	VCID-fpgj-82wf-ykbw

vulnerability	VCID-j6cj-ftyd-3ffa

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-p8q2-pt96-5ye8

vulnerability	VCID-qkx6-32cj-jfbp

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-t2ne-75ck-eqcr

vulnerability	VCID-v7tp-1t4h-zqeg

vulnerability	VCID-vsdf-4tfj-uybe

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

url pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el8jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1%3Farch=el8jws

url pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el7jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el7jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1%3Farch=el7jws

url pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el6jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1?arch=el6jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.30-3.redhat_4.1%3Farch=el6jws

url pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el7jws

purl pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el7jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4%3Farch=el7jws

url pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el8jws

purl pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4%3Farch=el8jws

url pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el6jws

purl pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4?arch=el6jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-rq42-qvsy-hue6

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.23-4.redhat_4%3Farch=el6jws

References

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17569

reference_id

reference_type

scores

value	0.06163
scoring_system	epss
scoring_elements	0.90835
published_at	2026-04-12T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90834
published_at	2026-04-11T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90826
published_at	2026-04-09T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90819
published_at	2026-04-08T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90808
published_at	2026-04-07T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90797
published_at	2026-04-04T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90786
published_at	2026-04-02T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.9078
published_at	2026-04-01T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90832
published_at	2026-04-13T12:55:00Z

value	0.06163
scoring_system	epss
scoring_elements	0.90852
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17569

reference_url	https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998

reference_url	https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3

reference_url	https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8

reference_url

https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17569

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17569

reference_url

https://security.netapp.com/advisory/ntap-20200327-0005

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200327-0005

reference_url	https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200327-0005/

reference_url

https://www.debian.org/security/2020/dsa-4673

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4673

reference_url

https://www.debian.org/security/2020/dsa-4680

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4680

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1806849
reference_id	1806849
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1806849

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569

reference_id

CVE-2019-17569

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569

reference_url

https://github.com/advisories/GHSA-767j-jfh2-jvrc

reference_id

GHSA-767j-jfh2-jvrc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-767j-jfh2-jvrc

reference_url	https://access.redhat.com/errata/RHSA-2020:1520
reference_id	RHSA-2020:1520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1520

reference_url	https://access.redhat.com/errata/RHSA-2020:1521
reference_id	RHSA-2020:1521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1521

Weaknesses

cwe_id	444
name	Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
description	The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	707
name	Improper Neutralization
description	The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 0.1 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq42-qvsy-hue6

Vulnerability Instance