Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2sr7-c3j5-cfhg
Summaryjava/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.
Aliases
0
alias CVE-2014-0095
1
alias GHSA-wf5v-jhxj-q632
Fixed_packages
0
url pkg:apache/tomcat@8.0.5
purl pkg:apache/tomcat@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jf7u-dvpd-b7f4
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.5
1
url pkg:maven/org.apache.tomcat/tomcat@8.0.5
purl pkg:maven/org.apache.tomcat/tomcat@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-1k8f-vsg1-k3d6
2
vulnerability VCID-2sbh-sy57-3uez
3
vulnerability VCID-3n4t-bvb1-5qer
4
vulnerability VCID-3r3s-q21j-c3au
5
vulnerability VCID-4mkw-7haq-pkgn
6
vulnerability VCID-7cpu-h5fr-8ffd
7
vulnerability VCID-95d1-arxd-hkd1
8
vulnerability VCID-9exq-fhv6-bbea
9
vulnerability VCID-a1by-zvtm-akdc
10
vulnerability VCID-aeeu-fpay-wufz
11
vulnerability VCID-e7kd-kk57-mkd6
12
vulnerability VCID-enaj-f97c-jbh7
13
vulnerability VCID-fyfz-6tr5-2fc7
14
vulnerability VCID-g7bk-891a-uufy
15
vulnerability VCID-hmbm-5ysw-77bu
16
vulnerability VCID-jf7u-dvpd-b7f4
17
vulnerability VCID-kagr-74d9-kyhx
18
vulnerability VCID-kgd1-bzst-muh7
19
vulnerability VCID-kyb8-rvyw-s7b1
20
vulnerability VCID-m1zd-uytj-3bej
21
vulnerability VCID-m2zn-ja8d-7kg8
22
vulnerability VCID-n3zn-tuck-gkfe
23
vulnerability VCID-tfrs-d458-tfaq
24
vulnerability VCID-vhjj-dnft-kkf4
25
vulnerability VCID-xf8r-kqxb-7qdy
26
vulnerability VCID-ygvw-69am-s7ae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.5
2
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.5
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3r3s-q21j-c3au
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.5
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-dzpn-w4b3-vbcm
2
vulnerability VCID-e7kd-kk57-mkd6
3
vulnerability VCID-fyfz-6tr5-2fc7
4
vulnerability VCID-hmbm-5ysw-77bu
5
vulnerability VCID-hves-r5bg-yfes
6
vulnerability VCID-ruuh-g3fa-m7d8
7
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.5
Affected_packages
0
url pkg:apache/tomcat@8.0.0-RC2
purl pkg:apache/tomcat@8.0.0-RC2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.0-RC2
1
url pkg:apache/tomcat@8.0.3
purl pkg:apache/tomcat@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-kgd1-bzst-muh7
2
vulnerability VCID-kzzv-rhya-j7dd
3
vulnerability VCID-ygvw-69am-s7ae
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.0.3
2
url pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC2
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC2
3
url pkg:maven/org.apache.tomcat/tomcat@8.0.3
purl pkg:maven/org.apache.tomcat/tomcat@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-1k8f-vsg1-k3d6
2
vulnerability VCID-2sbh-sy57-3uez
3
vulnerability VCID-2sr7-c3j5-cfhg
4
vulnerability VCID-3n4t-bvb1-5qer
5
vulnerability VCID-3r3s-q21j-c3au
6
vulnerability VCID-4mkw-7haq-pkgn
7
vulnerability VCID-7cpu-h5fr-8ffd
8
vulnerability VCID-95d1-arxd-hkd1
9
vulnerability VCID-9exq-fhv6-bbea
10
vulnerability VCID-a1by-zvtm-akdc
11
vulnerability VCID-aeeu-fpay-wufz
12
vulnerability VCID-e7kd-kk57-mkd6
13
vulnerability VCID-enaj-f97c-jbh7
14
vulnerability VCID-fyfz-6tr5-2fc7
15
vulnerability VCID-g7bk-891a-uufy
16
vulnerability VCID-hmbm-5ysw-77bu
17
vulnerability VCID-jf7u-dvpd-b7f4
18
vulnerability VCID-kagr-74d9-kyhx
19
vulnerability VCID-kgd1-bzst-muh7
20
vulnerability VCID-kyb8-rvyw-s7b1
21
vulnerability VCID-kzzv-rhya-j7dd
22
vulnerability VCID-m1zd-uytj-3bej
23
vulnerability VCID-m2zn-ja8d-7kg8
24
vulnerability VCID-n3zn-tuck-gkfe
25
vulnerability VCID-tfrs-d458-tfaq
26
vulnerability VCID-vhjj-dnft-kkf4
27
vulnerability VCID-xf8r-kqxb-7qdy
28
vulnerability VCID-ygvw-69am-s7ae
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.3
4
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC1
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-gv12-4ruf-kfhq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC1
5
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC3
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-gv12-4ruf-kfhq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC3
6
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC5
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-gv12-4ruf-kfhq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC5
7
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC10
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-gv12-4ruf-kfhq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.0-RC10
8
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.1
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-gv12-4ruf-kfhq
3
vulnerability VCID-kzzv-rhya-j7dd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.1
9
url pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3
purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-3r3s-q21j-c3au
2
vulnerability VCID-kzzv-rhya-j7dd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.0.3
10
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-e7kd-kk57-mkd6
2
vulnerability VCID-vdnj-sqmx-e3ep
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC1
11
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC3
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-e7kd-kk57-mkd6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC3
12
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-e7kd-kk57-mkd6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC5
13
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC10
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sr7-c3j5-cfhg
1
vulnerability VCID-e7kd-kk57-mkd6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.0-RC10
14
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-2sr7-c3j5-cfhg
2
vulnerability VCID-dzpn-w4b3-vbcm
3
vulnerability VCID-e7kd-kk57-mkd6
4
vulnerability VCID-fyfz-6tr5-2fc7
5
vulnerability VCID-hmbm-5ysw-77bu
6
vulnerability VCID-hves-r5bg-yfes
7
vulnerability VCID-ruuh-g3fa-m7d8
8
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.1
15
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.3
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-2sr7-c3j5-cfhg
2
vulnerability VCID-dzpn-w4b3-vbcm
3
vulnerability VCID-e7kd-kk57-mkd6
4
vulnerability VCID-fyfz-6tr5-2fc7
5
vulnerability VCID-hmbm-5ysw-77bu
6
vulnerability VCID-hves-r5bg-yfes
7
vulnerability VCID-ruuh-g3fa-m7d8
8
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0095.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0095.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0095
reference_id
reference_type
scores
0
value 0.09656
scoring_system epss
scoring_elements 0.92874
published_at 2026-04-01T12:55:00Z
1
value 0.09656
scoring_system epss
scoring_elements 0.92911
published_at 2026-04-16T12:55:00Z
2
value 0.09656
scoring_system epss
scoring_elements 0.929
published_at 2026-04-12T12:55:00Z
3
value 0.09656
scoring_system epss
scoring_elements 0.92901
published_at 2026-04-13T12:55:00Z
4
value 0.09656
scoring_system epss
scoring_elements 0.92897
published_at 2026-04-09T12:55:00Z
5
value 0.09656
scoring_system epss
scoring_elements 0.92892
published_at 2026-04-08T12:55:00Z
6
value 0.09656
scoring_system epss
scoring_elements 0.92884
published_at 2026-04-07T12:55:00Z
7
value 0.09656
scoring_system epss
scoring_elements 0.92886
published_at 2026-04-04T12:55:00Z
8
value 0.09656
scoring_system epss
scoring_elements 0.92882
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0095
2
reference_url http://seclists.org/fulldisclosure/2014/May/134
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/May/134
3
reference_url http://secunia.com/advisories/59873
reference_id
reference_type
scores
url http://secunia.com/advisories/59873
4
reference_url http://secunia.com/advisories/60729
reference_id
reference_type
scores
url http://secunia.com/advisories/60729
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat80/commit/77590c897f0e542fe363d70efdf3b82209510aee
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat80/commit/77590c897f0e542fe363d70efdf3b82209510aee
7
reference_url https://github.com/apache/tomcat/commit/8884dae60ace77a87ed9385442ce429e98c3a479
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8884dae60ace77a87ed9385442ce429e98c3a479
8
reference_url https://svn.apache.org/viewvc?view=rev&rev=1578392
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1578392
9
reference_url http://svn.apache.org/viewvc?view=revision&revision=1578392
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1578392
10
reference_url https://web.archive.org/web/20140713043210/http://www.securitytracker.com/id/1030300
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140713043210/http://www.securitytracker.com/id/1030300
11
reference_url https://web.archive.org/web/20141126170141/http://www.securityfocus.com/bid/67673
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20141126170141/http://www.securityfocus.com/bid/67673
12
reference_url https://web.archive.org/web/20151017043748/http://secunia.com/advisories/60729
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151017043748/http://secunia.com/advisories/60729
13
reference_url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873
14
reference_url http://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-8.html
15
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21678231
16
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681528
17
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
18
reference_url http://www.securityfocus.com/bid/67673
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/67673
19
reference_url http://www.securitytracker.com/id/1030300
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1030300
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1103804
reference_id 1103804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1103804
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095
reference_id CVE-2014-0095
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0095
reference_id CVE-2014-0095
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0095
23
reference_url https://github.com/advisories/GHSA-wf5v-jhxj-q632
reference_id GHSA-wf5v-jhxj-q632
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wf5v-jhxj-q632
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 130
name Improper Handling of Length Parameter Inconsistency
description The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
4
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Exploits
Severity_range_score4.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2sr7-c3j5-cfhg