Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-urhs-6aus-syb1

Summary

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.

The vulnerability is limited to the ROOT (default) web application.

Aliases

alias	CVE-2023-41080

alias	GHSA-q3mw-pvr8-9ggc

Fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@8.5.93
purl	pkg:maven/org.apache.tomcat/tomcat@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.93

url	pkg:maven/org.apache.tomcat/tomcat@9.0.80
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.80

url	pkg:maven/org.apache.tomcat/tomcat@10.1.13
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.13

url	pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

url	pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.93
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.93

url	pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.80
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.80

url	pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.13
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.13

url	pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.93
purl	pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.93

url	pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.80
purl	pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.80

url	pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.13
purl	pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.13

url	pkg:maven/org.apache.tomcat/tomcat-util@8.5.93
purl	pkg:maven/org.apache.tomcat/tomcat-util@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.93

url	pkg:maven/org.apache.tomcat/tomcat-util@9.0.80
purl	pkg:maven/org.apache.tomcat/tomcat-util@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.80

url	pkg:maven/org.apache.tomcat/tomcat-util@10.1.13
purl	pkg:maven/org.apache.tomcat/tomcat-util@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@10.1.13

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.93
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.93
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.93

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.80
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.80
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.80

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.13
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.13

Affected_packages

url pkg:maven/org.apache.tomcat/coyote@8.5.0

purl pkg:maven/org.apache.tomcat/coyote@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h6f2-qgnu-bqf4

vulnerability	VCID-jsyt-cmxf-gbh3

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@8.5.0

url pkg:maven/org.apache.tomcat/coyote@8.5.92

purl pkg:maven/org.apache.tomcat/coyote@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@8.5.92

url pkg:maven/org.apache.tomcat/coyote@9.0.0

purl pkg:maven/org.apache.tomcat/coyote@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h6f2-qgnu-bqf4

vulnerability	VCID-jsyt-cmxf-gbh3

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@9.0.0

url pkg:maven/org.apache.tomcat/coyote@9.0.79

purl pkg:maven/org.apache.tomcat/coyote@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@9.0.79

url pkg:maven/org.apache.tomcat/coyote@10.1.0

purl pkg:maven/org.apache.tomcat/coyote@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9awt-9zjq-yucn

vulnerability	VCID-h6f2-qgnu-bqf4

vulnerability	VCID-jsyt-cmxf-gbh3

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@10.1.0

url pkg:maven/org.apache.tomcat/coyote@10.1.12

purl pkg:maven/org.apache.tomcat/coyote@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@10.1.12

url pkg:maven/org.apache.tomcat/coyote@11.0.0

purl pkg:maven/org.apache.tomcat/coyote@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h6f2-qgnu-bqf4

vulnerability	VCID-jsyt-cmxf-gbh3

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/coyote@11.0.0

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6umz-z8db-kqcy

vulnerability	VCID-7fh9-36qs-jfg5

vulnerability	VCID-jzta-navk-87bn

vulnerability	VCID-kqng-d1f2-myg5

vulnerability	VCID-rk89-9dw5-w3gg

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-xa95-zsnk-3kg9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.92

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.92

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rk89-9dw5-w3gg

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.79

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.79

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.12

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.12

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0

url pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jhm9-cqu3-7yce

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-y4a2-mamb-yqg6

vulnerability	VCID-y9hs-ymcm-3ucx

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.0

url pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.92

purl pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@8.5.92

url pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0

purl pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jhm9-cqu3-7yce

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-y4a2-mamb-yqg6

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0

url pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.79

purl pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.79

url pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.0

purl pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.0

url pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.12

purl pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@10.1.12

url pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0

purl pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0

url pkg:maven/org.apache.tomcat/tomcat-util@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kgu-zupu-tydw

vulnerability	VCID-59dd-qzpt-aucm

vulnerability	VCID-8xdc-3kn9-b3e6

vulnerability	VCID-nxb3-55eu-auhp

vulnerability	VCID-rtmv-qetu-yqfa

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-xns8-63b5-guf2

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.0

url pkg:maven/org.apache.tomcat/tomcat-util@8.5.92

purl pkg:maven/org.apache.tomcat/tomcat-util@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@8.5.92

url pkg:maven/org.apache.tomcat/tomcat-util@9.0.0

purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59dd-qzpt-aucm

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.0

url pkg:maven/org.apache.tomcat/tomcat-util@9.0.79

purl pkg:maven/org.apache.tomcat/tomcat-util@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@9.0.79

url pkg:maven/org.apache.tomcat/tomcat-util@10.1.0

purl pkg:maven/org.apache.tomcat/tomcat-util@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@10.1.0

url pkg:maven/org.apache.tomcat/tomcat-util@10.1.12

purl pkg:maven/org.apache.tomcat/tomcat-util@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@10.1.12

url pkg:maven/org.apache.tomcat/tomcat-util@11.0.0

purl pkg:maven/org.apache.tomcat/tomcat-util@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-util@11.0.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3nsr-9s9y-ckft

vulnerability	VCID-4nx6-t8vd-bqcu

vulnerability	VCID-axzz-cadr-b7fv

vulnerability	VCID-dast-z2hv-2yfe

vulnerability	VCID-dbu6-fhrs-aubn

vulnerability	VCID-dk58-p9py-rka9

vulnerability	VCID-gmjm-6ck2-skgu

vulnerability	VCID-j66a-6et3-mfha

vulnerability	VCID-kqng-d1f2-myg5

vulnerability	VCID-paqj-ye46-8bdb

vulnerability	VCID-qth9-7326-hffp

vulnerability	VCID-rk89-9dw5-w3gg

vulnerability	VCID-se44-f85s-xyex

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-xa95-zsnk-3kg9

vulnerability	VCID-xns8-63b5-guf2

vulnerability	VCID-y4a2-mamb-yqg6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-j66a-6et3-mfha

vulnerability	VCID-paqj-ye46-8bdb

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d8re-94xd-nycp

vulnerability	VCID-j66a-6et3-mfha

vulnerability	VCID-kqng-d1f2-myg5

vulnerability	VCID-paqj-ye46-8bdb

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-wcnj-bna8-7fh7

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d8re-94xd-nycp

vulnerability	VCID-j66a-6et3-mfha

vulnerability	VCID-kqng-d1f2-myg5

vulnerability	VCID-paqj-ye46-8bdb

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-wcnj-bna8-7fh7

vulnerability	VCID-y4a2-mamb-yqg6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.92

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@8.5.92

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.79

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.79

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.12

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.12

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@11.0.0

url pkg:maven/tomcat/catalina@8.5.0

purl pkg:maven/tomcat/catalina@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@8.5.0

url pkg:maven/tomcat/catalina@8.5.92

purl pkg:maven/tomcat/catalina@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@8.5.92

url pkg:maven/tomcat/catalina@9.0.0

purl pkg:maven/tomcat/catalina@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@9.0.0

url pkg:maven/tomcat/catalina@9.0.79

purl pkg:maven/tomcat/catalina@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@9.0.79

url pkg:maven/tomcat/catalina@10.1.0

purl pkg:maven/tomcat/catalina@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@10.1.0

url pkg:maven/tomcat/catalina@10.1.12

purl pkg:maven/tomcat/catalina@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@10.1.12

url pkg:maven/tomcat/catalina@11.0.0

purl pkg:maven/tomcat/catalina@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/catalina@11.0.0

url pkg:maven/tomcat/jasper-runtime@8.5.0

purl pkg:maven/tomcat/jasper-runtime@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@8.5.0

url pkg:maven/tomcat/jasper-runtime@8.5.92

purl pkg:maven/tomcat/jasper-runtime@8.5.92

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@8.5.92

url pkg:maven/tomcat/jasper-runtime@9.0.0

purl pkg:maven/tomcat/jasper-runtime@9.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@9.0.0

url pkg:maven/tomcat/jasper-runtime@9.0.79

purl pkg:maven/tomcat/jasper-runtime@9.0.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@9.0.79

url pkg:maven/tomcat/jasper-runtime@10.1.0

purl pkg:maven/tomcat/jasper-runtime@10.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@10.1.0

url pkg:maven/tomcat/jasper-runtime@10.1.12

purl pkg:maven/tomcat/jasper-runtime@10.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@10.1.12

url pkg:maven/tomcat/jasper-runtime@11.0.0

purl pkg:maven/tomcat/jasper-runtime@11.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-urhs-6aus-syb1

vulnerability	VCID-zba8-2zc4-9qfh

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/tomcat/jasper-runtime@11.0.0

References

reference_url	https://github.com/apache/tomcat
reference_id
reference_type
scores
url	https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b

reference_url	https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b

reference_url	https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27

reference_url	https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a

reference_url	https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_id
reference_type
scores
url	https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f

reference_url	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html

reference_url	https://security.netapp.com/advisory/ntap-20230921-0006
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20230921-0006

reference_url	https://www.debian.org/security/2023/dsa-5521
reference_id
reference_type
scores
url	https://www.debian.org/security/2023/dsa-5521

reference_url	https://www.debian.org/security/2023/dsa-5522
reference_id
reference_type
scores
url	https://www.debian.org/security/2023/dsa-5522

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-41080
reference_id	CVE-2023-41080
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-41080

reference_url	https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
reference_id	GHSA-q3mw-pvr8-9ggc
reference_type
scores
url	https://github.com/advisories/GHSA-q3mw-pvr8-9ggc

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	601
name	URL Redirection to Untrusted Site ('Open Redirect')
description	A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urhs-6aus-syb1

Vulnerability Instance