Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hxj6-mupf-abbc
SummaryApache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
Aliases
0
alias CVE-2011-3375
1
alias GHSA-rp8h-vr48-4j8p
Fixed_packages
0
url pkg:apache/tomcat@6.0.35
purl pkg:apache/tomcat@6.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fpuc-fe6m-47c6
1
vulnerability VCID-mwk8-b5c9-kbb9
2
vulnerability VCID-n76n-ywja-rbhh
3
vulnerability VCID-ta1m-dh8x-nubc
4
vulnerability VCID-vd1s-m27a-8ucc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.35
1
url pkg:apache/tomcat@7.0.22
purl pkg:apache/tomcat@7.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hhk9-cr54-8fgc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.22
2
url pkg:ebuild/www-servers/tomcat@7.0.23
purl pkg:ebuild/www-servers/tomcat@7.0.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@7.0.23
Affected_packages
0
url pkg:apache/tomcat@6.0.30
purl pkg:apache/tomcat@6.0.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-618c-ar98-qfcr
1
vulnerability VCID-7ej8-5f77-cybb
2
vulnerability VCID-hxj6-mupf-abbc
3
vulnerability VCID-ta1m-dh8x-nubc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.30
1
url pkg:apache/tomcat@6.0.33
purl pkg:apache/tomcat@6.0.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9bd-d31y-k7g6
1
vulnerability VCID-hhk9-cr54-8fgc
2
vulnerability VCID-hxj6-mupf-abbc
3
vulnerability VCID-quwu-ep21-cyew
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.33
2
url pkg:apache/tomcat@7.0.0
purl pkg:apache/tomcat@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-1k8f-vsg1-k3d6
2
vulnerability VCID-241m-q6vd-kudk
3
vulnerability VCID-2sbh-sy57-3uez
4
vulnerability VCID-3cr9-g81m-4ugy
5
vulnerability VCID-3n4t-bvb1-5qer
6
vulnerability VCID-3r3s-q21j-c3au
7
vulnerability VCID-4aaa-errb-2qdw
8
vulnerability VCID-4mkw-7haq-pkgn
9
vulnerability VCID-5eqm-218u-p7gq
10
vulnerability VCID-618c-ar98-qfcr
11
vulnerability VCID-66kh-s6cr-tqf9
12
vulnerability VCID-68fk-4g86-ekbp
13
vulnerability VCID-7cpu-h5fr-8ffd
14
vulnerability VCID-7ej8-5f77-cybb
15
vulnerability VCID-886n-1vzv-syc6
16
vulnerability VCID-95d1-arxd-hkd1
17
vulnerability VCID-95fn-d2ad-qyg6
18
vulnerability VCID-9exq-fhv6-bbea
19
vulnerability VCID-a1by-zvtm-akdc
20
vulnerability VCID-a8gk-n8bq-87cp
21
vulnerability VCID-afm2-uj45-xkgx
22
vulnerability VCID-arkn-bca7-hqam
23
vulnerability VCID-c4jv-ws83-x7g2
24
vulnerability VCID-d9ys-kxh6-nkgr
25
vulnerability VCID-dhun-hj5q-dfch
26
vulnerability VCID-dzpn-w4b3-vbcm
27
vulnerability VCID-e2kr-7pmg-gfc9
28
vulnerability VCID-eb37-mkxf-7fgw
29
vulnerability VCID-f2zy-gq57-ufat
30
vulnerability VCID-fpuc-fe6m-47c6
31
vulnerability VCID-fyfz-6tr5-2fc7
32
vulnerability VCID-g7bk-891a-uufy
33
vulnerability VCID-gv12-4ruf-kfhq
34
vulnerability VCID-h9ds-trhx-m7aj
35
vulnerability VCID-hhk9-cr54-8fgc
36
vulnerability VCID-hmbm-5ysw-77bu
37
vulnerability VCID-hves-r5bg-yfes
38
vulnerability VCID-hxj6-mupf-abbc
39
vulnerability VCID-j2j9-avuw-n3eq
40
vulnerability VCID-jf7u-dvpd-b7f4
41
vulnerability VCID-kagr-74d9-kyhx
42
vulnerability VCID-kgd1-bzst-muh7
43
vulnerability VCID-kwab-3s4q-eka4
44
vulnerability VCID-kzzv-rhya-j7dd
45
vulnerability VCID-m1zd-uytj-3bej
46
vulnerability VCID-mctd-9zgv-5qgp
47
vulnerability VCID-mwk8-b5c9-kbb9
48
vulnerability VCID-n3ab-nk7c-hqc9
49
vulnerability VCID-n76n-ywja-rbhh
50
vulnerability VCID-p4dn-y54m-8fd1
51
vulnerability VCID-p6ch-pc73-b3ck
52
vulnerability VCID-pqxe-tfhk-47b7
53
vulnerability VCID-q6hm-mmfs-zka5
54
vulnerability VCID-quwu-ep21-cyew
55
vulnerability VCID-ruuh-g3fa-m7d8
56
vulnerability VCID-ryha-ndms-afbn
57
vulnerability VCID-ta1m-dh8x-nubc
58
vulnerability VCID-tcbc-3kgt-muam
59
vulnerability VCID-tfn5-6ckq-wyce
60
vulnerability VCID-tfrs-d458-tfaq
61
vulnerability VCID-vd1s-m27a-8ucc
62
vulnerability VCID-vdnj-sqmx-e3ep
63
vulnerability VCID-w82a-7kk2-p3f1
64
vulnerability VCID-xf8r-kqxb-7qdy
65
vulnerability VCID-xqrn-wuv5-x7de
66
vulnerability VCID-yfx4-4gsc-2kgh
67
vulnerability VCID-ygvw-69am-s7ae
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.0
3
url pkg:apache/tomcat@7.0.21
purl pkg:apache/tomcat@7.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hxj6-mupf-abbc
1
vulnerability VCID-j2j9-avuw-n3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.21
4
url pkg:maven/org.apache.tomcat/tomcat@6.0.30
purl pkg:maven/org.apache.tomcat/tomcat@6.0.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-618c-ar98-qfcr
1
vulnerability VCID-7ej8-5f77-cybb
2
vulnerability VCID-hxj6-mupf-abbc
3
vulnerability VCID-ta1m-dh8x-nubc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.30
5
url pkg:maven/org.apache.tomcat/tomcat@6.0.33
purl pkg:maven/org.apache.tomcat/tomcat@6.0.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9bd-d31y-k7g6
1
vulnerability VCID-hhk9-cr54-8fgc
2
vulnerability VCID-hxj6-mupf-abbc
3
vulnerability VCID-quwu-ep21-cyew
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.33
6
url pkg:maven/org.apache.tomcat/tomcat@7.0
purl pkg:maven/org.apache.tomcat/tomcat@7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e2kr-7pmg-gfc9
1
vulnerability VCID-fd9j-6vta-ubbp
2
vulnerability VCID-hxj6-mupf-abbc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0
7
url pkg:maven/org.apache.tomcat/tomcat@7.0.0
purl pkg:maven/org.apache.tomcat/tomcat@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12du-1vyt-bkgx
1
vulnerability VCID-18q4-zark-s7a7
2
vulnerability VCID-1k8f-vsg1-k3d6
3
vulnerability VCID-1v6c-f56v-hqh1
4
vulnerability VCID-241m-q6vd-kudk
5
vulnerability VCID-2sbh-sy57-3uez
6
vulnerability VCID-3cr9-g81m-4ugy
7
vulnerability VCID-3n4t-bvb1-5qer
8
vulnerability VCID-3r3s-q21j-c3au
9
vulnerability VCID-4aaa-errb-2qdw
10
vulnerability VCID-4mkw-7haq-pkgn
11
vulnerability VCID-5eqm-218u-p7gq
12
vulnerability VCID-618c-ar98-qfcr
13
vulnerability VCID-66kh-s6cr-tqf9
14
vulnerability VCID-68fk-4g86-ekbp
15
vulnerability VCID-7cpu-h5fr-8ffd
16
vulnerability VCID-7ej8-5f77-cybb
17
vulnerability VCID-886n-1vzv-syc6
18
vulnerability VCID-8ebv-6941-jqdy
19
vulnerability VCID-95d1-arxd-hkd1
20
vulnerability VCID-95fn-d2ad-qyg6
21
vulnerability VCID-9exq-fhv6-bbea
22
vulnerability VCID-a1by-zvtm-akdc
23
vulnerability VCID-a8gk-n8bq-87cp
24
vulnerability VCID-afm2-uj45-xkgx
25
vulnerability VCID-arkn-bca7-hqam
26
vulnerability VCID-c4jv-ws83-x7g2
27
vulnerability VCID-d9ys-kxh6-nkgr
28
vulnerability VCID-dhun-hj5q-dfch
29
vulnerability VCID-dzpn-w4b3-vbcm
30
vulnerability VCID-e2kr-7pmg-gfc9
31
vulnerability VCID-eb37-mkxf-7fgw
32
vulnerability VCID-egye-da2v-4ybh
33
vulnerability VCID-f2zy-gq57-ufat
34
vulnerability VCID-fpuc-fe6m-47c6
35
vulnerability VCID-fyfz-6tr5-2fc7
36
vulnerability VCID-g7bk-891a-uufy
37
vulnerability VCID-g7eg-s99s-xqe7
38
vulnerability VCID-gv12-4ruf-kfhq
39
vulnerability VCID-gyed-x6s8-ybhr
40
vulnerability VCID-h9ds-trhx-m7aj
41
vulnerability VCID-hhk9-cr54-8fgc
42
vulnerability VCID-hmbm-5ysw-77bu
43
vulnerability VCID-hves-r5bg-yfes
44
vulnerability VCID-hxj6-mupf-abbc
45
vulnerability VCID-j2j9-avuw-n3eq
46
vulnerability VCID-jau7-gfz8-dkfa
47
vulnerability VCID-jf7u-dvpd-b7f4
48
vulnerability VCID-kagr-74d9-kyhx
49
vulnerability VCID-kgd1-bzst-muh7
50
vulnerability VCID-kwab-3s4q-eka4
51
vulnerability VCID-kyb8-rvyw-s7b1
52
vulnerability VCID-kzzv-rhya-j7dd
53
vulnerability VCID-m1zd-uytj-3bej
54
vulnerability VCID-mctd-9zgv-5qgp
55
vulnerability VCID-mwk8-b5c9-kbb9
56
vulnerability VCID-n3ab-nk7c-hqc9
57
vulnerability VCID-n76n-ywja-rbhh
58
vulnerability VCID-p4dn-y54m-8fd1
59
vulnerability VCID-p6ch-pc73-b3ck
60
vulnerability VCID-pqxe-tfhk-47b7
61
vulnerability VCID-q6hm-mmfs-zka5
62
vulnerability VCID-quwu-ep21-cyew
63
vulnerability VCID-r5rc-rdd9-bfbk
64
vulnerability VCID-rrdj-ssn7-zfdj
65
vulnerability VCID-ruuh-g3fa-m7d8
66
vulnerability VCID-ryha-ndms-afbn
67
vulnerability VCID-ta1m-dh8x-nubc
68
vulnerability VCID-tcbc-3kgt-muam
69
vulnerability VCID-tfn5-6ckq-wyce
70
vulnerability VCID-tfrs-d458-tfaq
71
vulnerability VCID-vd1s-m27a-8ucc
72
vulnerability VCID-vdnj-sqmx-e3ep
73
vulnerability VCID-w82a-7kk2-p3f1
74
vulnerability VCID-xf8r-kqxb-7qdy
75
vulnerability VCID-xqrn-wuv5-x7de
76
vulnerability VCID-yfx4-4gsc-2kgh
77
vulnerability VCID-ygvw-69am-s7ae
78
vulnerability VCID-zbbr-wded-9ffj
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.0
8
url pkg:maven/org.apache.tomcat/tomcat@7.0.21
purl pkg:maven/org.apache.tomcat/tomcat@7.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hxj6-mupf-abbc
1
vulnerability VCID-j2j9-avuw-n3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.21
9
url pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el6
purl pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1v6c-f56v-hqh1
1
vulnerability VCID-241m-q6vd-kudk
2
vulnerability VCID-8ebv-6941-jqdy
3
vulnerability VCID-d9ys-kxh6-nkgr
4
vulnerability VCID-egye-da2v-4ybh
5
vulnerability VCID-hhk9-cr54-8fgc
6
vulnerability VCID-hxj6-mupf-abbc
7
vulnerability VCID-mctd-9zgv-5qgp
8
vulnerability VCID-quwu-ep21-cyew
9
vulnerability VCID-zbbr-wded-9ffj
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5%3Farch=el6
10
url pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el5
purl pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1v6c-f56v-hqh1
1
vulnerability VCID-241m-q6vd-kudk
2
vulnerability VCID-8ebv-6941-jqdy
3
vulnerability VCID-d9ys-kxh6-nkgr
4
vulnerability VCID-egye-da2v-4ybh
5
vulnerability VCID-hhk9-cr54-8fgc
6
vulnerability VCID-hxj6-mupf-abbc
7
vulnerability VCID-mctd-9zgv-5qgp
8
vulnerability VCID-quwu-ep21-cyew
9
vulnerability VCID-zbbr-wded-9ffj
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5%3Farch=el5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
reference_id
reference_type
scores
0
value 0.02015
scoring_system epss
scoring_elements 0.8373
published_at 2026-04-13T12:55:00Z
1
value 0.02015
scoring_system epss
scoring_elements 0.83665
published_at 2026-04-01T12:55:00Z
2
value 0.02015
scoring_system epss
scoring_elements 0.83678
published_at 2026-04-02T12:55:00Z
3
value 0.02015
scoring_system epss
scoring_elements 0.83692
published_at 2026-04-04T12:55:00Z
4
value 0.02015
scoring_system epss
scoring_elements 0.83695
published_at 2026-04-07T12:55:00Z
5
value 0.02015
scoring_system epss
scoring_elements 0.83718
published_at 2026-04-08T12:55:00Z
6
value 0.02015
scoring_system epss
scoring_elements 0.83725
published_at 2026-04-09T12:55:00Z
7
value 0.02015
scoring_system epss
scoring_elements 0.83741
published_at 2026-04-11T12:55:00Z
8
value 0.02015
scoring_system epss
scoring_elements 0.83735
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3375
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
url https://github.com/apache/tomcat70/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
4
reference_url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9eae334e9492f55a841e6eb7ab302ff11d03ab21
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3375
6
reference_url https://svn.apache.org/viewvc?view=rev&rev=1176592
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1176592
7
reference_url https://svn.apache.org/viewvc?view=rev&rev=1185998
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1185998
8
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
9
reference_url http://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-7.html
10
reference_url http://www.debian.org/security/2012/dsa-2401
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2401
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=782624
reference_id 782624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=782624
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
reference_id CVE-2011-3375
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
13
reference_url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
reference_id GHSA-rp8h-vr48-4j8p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rp8h-vr48-4j8p
14
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
15
reference_url https://access.redhat.com/errata/RHSA-2012:0681
reference_id RHSA-2012:0681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0681
16
reference_url https://access.redhat.com/errata/RHSA-2012:0682
reference_id RHSA-2012:0682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0682
17
reference_url https://usn.ubuntu.com/1359-1/
reference_id USN-1359-1
reference_type
scores
url https://usn.ubuntu.com/1359-1/
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hxj6-mupf-abbc