Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6wvu-2rmc-mfhj

Summary An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request.

Aliases

alias	CVE-2016-8747

alias	GHSA-fjwp-r6fm-q6qw

Fixed_packages

url pkg:apache/tomcat@8.5.11

purl pkg:apache/tomcat@8.5.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hmbm-5ysw-77bu

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.11

url pkg:apache/tomcat@9.0.0%2BM17

purl pkg:apache/tomcat@9.0.0%2BM17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hmbm-5ysw-77bu

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM17

url pkg:maven/org.apache.tomcat/tomcat@8.5.11

purl pkg:maven/org.apache.tomcat/tomcat@8.5.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-39e3-jfbg-s3hk

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.11

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

Affected_packages

url pkg:apache/tomcat@8.5.7

purl pkg:apache/tomcat@8.5.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-k9cg-ehdw-dbh6

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.7

url pkg:apache/tomcat@8.5.9

purl pkg:apache/tomcat@8.5.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6wvu-2rmc-mfhj

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.9

url pkg:apache/tomcat@9.0.0%2BM11

purl pkg:apache/tomcat@9.0.0%2BM11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-yxpq-rrry-j3h8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM11

url pkg:apache/tomcat@9.0.0%2BM15

purl pkg:apache/tomcat@9.0.0%2BM15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6wvu-2rmc-mfhj

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM15

url pkg:maven/org.apache.tomcat/tomcat@8.5.7

purl pkg:maven/org.apache.tomcat/tomcat@8.5.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-k9cg-ehdw-dbh6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.7

url pkg:maven/org.apache.tomcat/tomcat@8.5.8

purl pkg:maven/org.apache.tomcat/tomcat@8.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-39e3-jfbg-s3hk

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.8

url pkg:maven/org.apache.tomcat/tomcat@8.5.9

purl pkg:maven/org.apache.tomcat/tomcat@8.5.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-39e3-jfbg-s3hk

vulnerability	VCID-46bv-6b7y-3bca

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-aeeu-fpay-wufz

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-b3bb-9ajg-sfc9

vulnerability	VCID-dy6m-zt6r-9ubd

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-enaj-f97c-jbh7

vulnerability	VCID-f77q-v5xp-e7dy

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-j8tk-s915-pbfy

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-m2zn-ja8d-7kg8

vulnerability	VCID-n3zn-tuck-gkfe

vulnerability	VCID-nmq2-8ysj-4fbc

vulnerability	VCID-ran8-rnqn-tkbc

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xshb-a2kb-c7gs

vulnerability	VCID-yfx4-4gsc-2kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.9

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M11

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

vulnerability	VCID-xqjr-7xfw-mbh2

vulnerability	VCID-yxpq-rrry-j3h8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M11

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hdb-24e3-f3d6

vulnerability	VCID-4tf3-7f5b-2ffu

vulnerability	VCID-6wvu-2rmc-mfhj

vulnerability	VCID-ayrd-8ntf-hkh3

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-k9cg-ehdw-dbh6

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-u3ck-cvgt-fuhd

vulnerability	VCID-wbaq-j85q-y3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8747.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8747

reference_id

reference_type

scores

value	0.02945
scoring_system	epss
scoring_elements	0.86465
published_at	2026-04-18T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86894
published_at	2026-04-13T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86899
published_at	2026-04-12T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86904
published_at	2026-04-11T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86891
published_at	2026-04-09T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86883
published_at	2026-04-08T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86863
published_at	2026-04-07T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86869
published_at	2026-04-04T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.8685
published_at	2026-04-02T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.8684
published_at	2026-04-01T12:55:00Z

value	0.03149
scoring_system	epss
scoring_elements	0.86911
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8747

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat85/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_url

https://github.com/apache/tomcat/commit/452c8094a665ef6375530e81c033da4eeb2e4865

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/452c8094a665ef6375530e81c033da4eeb2e4865

reference_url

https://github.com/apache/tomcat/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20180614-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0002

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1774161
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1774161

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1774166
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1774166

reference_url

http://svn.apache.org/viewvc?view=revision&revision=1774161

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://svn.apache.org/viewvc?view=revision&revision=1774161

reference_url

http://svn.apache.org/viewvc?view=revision&revision=1774166

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://svn.apache.org/viewvc?view=revision&revision=1774166

reference_url

https://web.archive.org/web/20200227183332/http://www.securityfocus.com/bid/96895

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227183332/http://www.securityfocus.com/bid/96895

reference_url

http://tomcat.apache.org/security-8.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://tomcat.apache.org/security-8.html

reference_url

http://tomcat.apache.org/security-9.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://tomcat.apache.org/security-9.html

reference_url

http://www.securityfocus.com/bid/96895

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://www.securityfocus.com/bid/96895

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1432006
reference_id	1432006
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1432006

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747

reference_id

CVE-2016-8747

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-8747

reference_id

CVE-2016-8747

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-8747

reference_url

https://github.com/advisories/GHSA-fjwp-r6fm-q6qw

reference_id

GHSA-fjwp-r6fm-q6qw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fjwp-r6fm-q6qw

reference_url

https://security.netapp.com/advisory/ntap-20180614-0002/

reference_id

ntap-20180614-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://security.netapp.com/advisory/ntap-20180614-0002/

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wvu-2rmc-mfhj

Vulnerability Instance