Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-quwu-ep21-cyew

Summary Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Aliases

alias	CVE-2011-3190

alias	GHSA-c38m-v4m2-524v

Fixed_packages

url pkg:apache/tomcat@5.5.34

purl pkg:apache/tomcat@5.5.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hhk9-cr54-8fgc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.34

url pkg:apache/tomcat@6.0.35

purl pkg:apache/tomcat@6.0.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fpuc-fe6m-47c6

vulnerability	VCID-mwk8-b5c9-kbb9

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-ta1m-dh8x-nubc

vulnerability	VCID-vd1s-m27a-8ucc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.35

url pkg:apache/tomcat@7.0.21

purl pkg:apache/tomcat@7.0.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-j2j9-avuw-n3eq

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.21

url	pkg:ebuild/www-servers/tomcat@7.0.23
purl	pkg:ebuild/www-servers/tomcat@7.0.23
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@7.0.23

Affected_packages

url pkg:apache/tomcat@5.5.0

purl pkg:apache/tomcat@5.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18j8-kwdv-dyak

vulnerability	VCID-1qt3-ctae-sfgw

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-27q8-96un-9fbk

vulnerability	VCID-2jnv-segx-zkfd

vulnerability	VCID-4rcx-xfn5-7kdb

vulnerability	VCID-6epr-2hbd-skcz

vulnerability	VCID-6p3e-4u8s-17ep

vulnerability	VCID-7969-7a8h-zyhh

vulnerability	VCID-7kjm-p97s-zuh8

vulnerability	VCID-86ur-vudp-4yc2

vulnerability	VCID-87p8-zvvf-y7dm

vulnerability	VCID-88v7-kc2y-bfd7

vulnerability	VCID-a9cu-fxqw-xkdg

vulnerability	VCID-acmu-9eqb-fya5

vulnerability	VCID-bhq7-d545-27bj

vulnerability	VCID-bung-pa58-ayfv

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dcrp-rae1-zfcm

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fvvt-kufu-k3a6

vulnerability	VCID-g998-xymt-fudu

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mnf8-t3ew-4fgb

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-peya-mr7j-vugf

vulnerability	VCID-q7jp-hn4a-4kec

vulnerability	VCID-qdck-q54n-rkcv

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-qxkf-4ddv-j3b7

vulnerability	VCID-r84b-7ay9-ekcm

vulnerability	VCID-skar-qk57-qkdv

vulnerability	VCID-su1y-2bxh-9qe2

vulnerability	VCID-tcju-3rvu-wkht

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-v94p-bxm3-akfd

vulnerability	VCID-vm4b-26sq-tfev

vulnerability	VCID-wsn2-pd9b-b3g8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.0

url pkg:apache/tomcat@5.5.33

purl pkg:apache/tomcat@5.5.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-618c-ar98-qfcr

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.33

url pkg:apache/tomcat@6.0.0

purl pkg:apache/tomcat@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-1qt3-ctae-sfgw

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-27q8-96un-9fbk

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-4mkw-7haq-pkgn

vulnerability	VCID-4rcx-xfn5-7kdb

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-6epr-2hbd-skcz

vulnerability	VCID-6p3e-4u8s-17ep

vulnerability	VCID-7969-7a8h-zyhh

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-7ej8-5f77-cybb

vulnerability	VCID-7kjm-p97s-zuh8

vulnerability	VCID-7pd9-1r19-73fe

vulnerability	VCID-87p8-zvvf-y7dm

vulnerability	VCID-88v7-kc2y-bfd7

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-a1by-zvtm-akdc

vulnerability	VCID-a9cu-fxqw-xkdg

vulnerability	VCID-acmu-9eqb-fya5

vulnerability	VCID-bung-pa58-ayfv

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dcrp-rae1-zfcm

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-egup-27ub-6uaf

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fpuc-fe6m-47c6

vulnerability	VCID-g998-xymt-fudu

vulnerability	VCID-h9ds-trhx-m7aj

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hhkg-mfp5-2kax

vulnerability	VCID-jf7u-dvpd-b7f4

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kgd1-bzst-muh7

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mnf8-t3ew-4fgb

vulnerability	VCID-mwk8-b5c9-kbb9

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-p4dn-y54m-8fd1

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-peya-mr7j-vugf

vulnerability	VCID-qdck-q54n-rkcv

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-qxkf-4ddv-j3b7

vulnerability	VCID-r84b-7ay9-ekcm

vulnerability	VCID-su1y-2bxh-9qe2

vulnerability	VCID-tcbc-3kgt-muam

vulnerability	VCID-tcju-3rvu-wkht

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-twh8-87va-juf9

vulnerability	VCID-v94p-bxm3-akfd

vulnerability	VCID-vd1s-m27a-8ucc

vulnerability	VCID-vm4b-26sq-tfev

vulnerability	VCID-w82a-7kk2-p3f1

vulnerability	VCID-wsn2-pd9b-b3g8

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-ygvw-69am-s7ae

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.0

url pkg:apache/tomcat@6.0.33

purl pkg:apache/tomcat@6.0.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a9bd-d31y-k7g6

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.33

url pkg:apache/tomcat@7.0.0

purl pkg:apache/tomcat@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4mkw-7haq-pkgn

vulnerability	VCID-5eqm-218u-p7gq

vulnerability	VCID-618c-ar98-qfcr

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-7ej8-5f77-cybb

vulnerability	VCID-886n-1vzv-syc6

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-95fn-d2ad-qyg6

vulnerability	VCID-9exq-fhv6-bbea

vulnerability	VCID-a1by-zvtm-akdc

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-afm2-uj45-xkgx

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-c4jv-ws83-x7g2

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-e2kr-7pmg-gfc9

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fpuc-fe6m-47c6

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-gv12-4ruf-kfhq

vulnerability	VCID-h9ds-trhx-m7aj

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-j2j9-avuw-n3eq

vulnerability	VCID-jf7u-dvpd-b7f4

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kgd1-bzst-muh7

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mwk8-b5c9-kbb9

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-p4dn-y54m-8fd1

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-q6hm-mmfs-zka5

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-ryha-ndms-afbn

vulnerability	VCID-ta1m-dh8x-nubc

vulnerability	VCID-tcbc-3kgt-muam

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-vd1s-m27a-8ucc

vulnerability	VCID-vdnj-sqmx-e3ep

vulnerability	VCID-w82a-7kk2-p3f1

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-xqrn-wuv5-x7de

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-ygvw-69am-s7ae

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.0

url pkg:apache/tomcat@7.0.20

purl pkg:apache/tomcat@7.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.20

url pkg:maven/org.apache.tomcat/tomcat@5.0.0

purl pkg:maven/org.apache.tomcat/tomcat@5.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18j8-kwdv-dyak

vulnerability	VCID-27q8-96un-9fbk

vulnerability	VCID-2jnv-segx-zkfd

vulnerability	VCID-4rcx-xfn5-7kdb

vulnerability	VCID-6epr-2hbd-skcz

vulnerability	VCID-6p3e-4u8s-17ep

vulnerability	VCID-7969-7a8h-zyhh

vulnerability	VCID-86ur-vudp-4yc2

vulnerability	VCID-87p8-zvvf-y7dm

vulnerability	VCID-88v7-kc2y-bfd7

vulnerability	VCID-bhq7-d545-27bj

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-peya-mr7j-vugf

vulnerability	VCID-q7jp-hn4a-4kec

vulnerability	VCID-qdck-q54n-rkcv

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-qxkf-4ddv-j3b7

vulnerability	VCID-skar-qk57-qkdv

vulnerability	VCID-tcju-3rvu-wkht

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.0.0

url pkg:maven/org.apache.tomcat/tomcat@5.5.0

purl pkg:maven/org.apache.tomcat/tomcat@5.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12du-1vyt-bkgx

vulnerability	VCID-18j8-kwdv-dyak

vulnerability	VCID-1qt3-ctae-sfgw

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-27q8-96un-9fbk

vulnerability	VCID-2jnv-segx-zkfd

vulnerability	VCID-4rcx-xfn5-7kdb

vulnerability	VCID-6epr-2hbd-skcz

vulnerability	VCID-6p3e-4u8s-17ep

vulnerability	VCID-7969-7a8h-zyhh

vulnerability	VCID-7kjm-p97s-zuh8

vulnerability	VCID-86ur-vudp-4yc2

vulnerability	VCID-87p8-zvvf-y7dm

vulnerability	VCID-88v7-kc2y-bfd7

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-a9cu-fxqw-xkdg

vulnerability	VCID-acmu-9eqb-fya5

vulnerability	VCID-bhq7-d545-27bj

vulnerability	VCID-bung-pa58-ayfv

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dcrp-rae1-zfcm

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fvvt-kufu-k3a6

vulnerability	VCID-g7eg-s99s-xqe7

vulnerability	VCID-g998-xymt-fudu

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mnf8-t3ew-4fgb

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-peya-mr7j-vugf

vulnerability	VCID-q7jp-hn4a-4kec

vulnerability	VCID-qdck-q54n-rkcv

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-qxkf-4ddv-j3b7

vulnerability	VCID-r5rc-rdd9-bfbk

vulnerability	VCID-r84b-7ay9-ekcm

vulnerability	VCID-rrdj-ssn7-zfdj

vulnerability	VCID-rwvj-tq6x-2ubs

vulnerability	VCID-skar-qk57-qkdv

vulnerability	VCID-su1y-2bxh-9qe2

vulnerability	VCID-tcju-3rvu-wkht

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-v94p-bxm3-akfd

vulnerability	VCID-vm4b-26sq-tfev

vulnerability	VCID-wsn2-pd9b-b3g8

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.0

url pkg:maven/org.apache.tomcat/tomcat@5.5.33

purl pkg:maven/org.apache.tomcat/tomcat@5.5.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-618c-ar98-qfcr

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.33

url pkg:maven/org.apache.tomcat/tomcat@6.0.0

purl pkg:maven/org.apache.tomcat/tomcat@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12du-1vyt-bkgx

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-1qt3-ctae-sfgw

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-27q8-96un-9fbk

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-4mkw-7haq-pkgn

vulnerability	VCID-4rcx-xfn5-7kdb

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-6epr-2hbd-skcz

vulnerability	VCID-6p3e-4u8s-17ep

vulnerability	VCID-7969-7a8h-zyhh

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-7ej8-5f77-cybb

vulnerability	VCID-7kjm-p97s-zuh8

vulnerability	VCID-7pd9-1r19-73fe

vulnerability	VCID-87p8-zvvf-y7dm

vulnerability	VCID-88v7-kc2y-bfd7

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-a1by-zvtm-akdc

vulnerability	VCID-a9cu-fxqw-xkdg

vulnerability	VCID-acmu-9eqb-fya5

vulnerability	VCID-bung-pa58-ayfv

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dcrp-rae1-zfcm

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-egup-27ub-6uaf

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fpuc-fe6m-47c6

vulnerability	VCID-g7eg-s99s-xqe7

vulnerability	VCID-g998-xymt-fudu

vulnerability	VCID-h9ds-trhx-m7aj

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hhkg-mfp5-2kax

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-jf7u-dvpd-b7f4

vulnerability	VCID-jtg7-217a-qqhk

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kgd1-bzst-muh7

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mnf8-t3ew-4fgb

vulnerability	VCID-mwk8-b5c9-kbb9

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-p4dn-y54m-8fd1

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-peya-mr7j-vugf

vulnerability	VCID-qdck-q54n-rkcv

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-qxkf-4ddv-j3b7

vulnerability	VCID-r5rc-rdd9-bfbk

vulnerability	VCID-r84b-7ay9-ekcm

vulnerability	VCID-rrdj-ssn7-zfdj

vulnerability	VCID-rwvj-tq6x-2ubs

vulnerability	VCID-su1y-2bxh-9qe2

vulnerability	VCID-t9y6-suc2-2kcg

vulnerability	VCID-ta1m-dh8x-nubc

vulnerability	VCID-tcbc-3kgt-muam

vulnerability	VCID-tcju-3rvu-wkht

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-twh8-87va-juf9

vulnerability	VCID-v94p-bxm3-akfd

vulnerability	VCID-vd1s-m27a-8ucc

vulnerability	VCID-vm4b-26sq-tfev

vulnerability	VCID-w82a-7kk2-p3f1

vulnerability	VCID-wsn2-pd9b-b3g8

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-ygvw-69am-s7ae

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0

url pkg:maven/org.apache.tomcat/tomcat@6.0.33

purl pkg:maven/org.apache.tomcat/tomcat@6.0.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a9bd-d31y-k7g6

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.33

url pkg:maven/org.apache.tomcat/tomcat@7.0.0

purl pkg:maven/org.apache.tomcat/tomcat@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12du-1vyt-bkgx

vulnerability	VCID-18q4-zark-s7a7

vulnerability	VCID-1k8f-vsg1-k3d6

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-2sbh-sy57-3uez

vulnerability	VCID-3cr9-g81m-4ugy

vulnerability	VCID-3n4t-bvb1-5qer

vulnerability	VCID-3r3s-q21j-c3au

vulnerability	VCID-4aaa-errb-2qdw

vulnerability	VCID-4mkw-7haq-pkgn

vulnerability	VCID-5eqm-218u-p7gq

vulnerability	VCID-618c-ar98-qfcr

vulnerability	VCID-66kh-s6cr-tqf9

vulnerability	VCID-68fk-4g86-ekbp

vulnerability	VCID-7cpu-h5fr-8ffd

vulnerability	VCID-7ej8-5f77-cybb

vulnerability	VCID-886n-1vzv-syc6

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-95d1-arxd-hkd1

vulnerability	VCID-95fn-d2ad-qyg6

vulnerability	VCID-9exq-fhv6-bbea

vulnerability	VCID-a1by-zvtm-akdc

vulnerability	VCID-a8gk-n8bq-87cp

vulnerability	VCID-afm2-uj45-xkgx

vulnerability	VCID-arkn-bca7-hqam

vulnerability	VCID-c4jv-ws83-x7g2

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-dhun-hj5q-dfch

vulnerability	VCID-dzpn-w4b3-vbcm

vulnerability	VCID-e2kr-7pmg-gfc9

vulnerability	VCID-eb37-mkxf-7fgw

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-f2zy-gq57-ufat

vulnerability	VCID-fpuc-fe6m-47c6

vulnerability	VCID-fyfz-6tr5-2fc7

vulnerability	VCID-g7bk-891a-uufy

vulnerability	VCID-g7eg-s99s-xqe7

vulnerability	VCID-gv12-4ruf-kfhq

vulnerability	VCID-gyed-x6s8-ybhr

vulnerability	VCID-h9ds-trhx-m7aj

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hmbm-5ysw-77bu

vulnerability	VCID-hves-r5bg-yfes

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-j2j9-avuw-n3eq

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-jf7u-dvpd-b7f4

vulnerability	VCID-kagr-74d9-kyhx

vulnerability	VCID-kgd1-bzst-muh7

vulnerability	VCID-kwab-3s4q-eka4

vulnerability	VCID-kyb8-rvyw-s7b1

vulnerability	VCID-kzzv-rhya-j7dd

vulnerability	VCID-m1zd-uytj-3bej

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-mwk8-b5c9-kbb9

vulnerability	VCID-n3ab-nk7c-hqc9

vulnerability	VCID-n76n-ywja-rbhh

vulnerability	VCID-p4dn-y54m-8fd1

vulnerability	VCID-p6ch-pc73-b3ck

vulnerability	VCID-pqxe-tfhk-47b7

vulnerability	VCID-q6hm-mmfs-zka5

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-r5rc-rdd9-bfbk

vulnerability	VCID-rrdj-ssn7-zfdj

vulnerability	VCID-ruuh-g3fa-m7d8

vulnerability	VCID-ryha-ndms-afbn

vulnerability	VCID-ta1m-dh8x-nubc

vulnerability	VCID-tcbc-3kgt-muam

vulnerability	VCID-tfn5-6ckq-wyce

vulnerability	VCID-tfrs-d458-tfaq

vulnerability	VCID-vd1s-m27a-8ucc

vulnerability	VCID-vdnj-sqmx-e3ep

vulnerability	VCID-w82a-7kk2-p3f1

vulnerability	VCID-xf8r-kqxb-7qdy

vulnerability	VCID-xqrn-wuv5-x7de

vulnerability	VCID-yfx4-4gsc-2kgh

vulnerability	VCID-ygvw-69am-s7ae

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.0

url pkg:maven/org.apache.tomcat/tomcat@7.0.20

purl pkg:maven/org.apache.tomcat/tomcat@7.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.20

url pkg:rpm/redhat/tomcat5@5.5.33-27_patch_07.ep5?arch=el5

purl pkg:rpm/redhat/tomcat5@5.5.33-27_patch_07.ep5?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.33-27_patch_07.ep5%3Farch=el5

url pkg:rpm/redhat/tomcat5@5.5.33-28_patch_07.ep5?arch=el6

purl pkg:rpm/redhat/tomcat5@5.5.33-28_patch_07.ep5?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.33-28_patch_07.ep5%3Farch=el6

url pkg:rpm/redhat/tomcat6@6.0.24-35?arch=el6_1

purl pkg:rpm/redhat/tomcat6@6.0.24-35?arch=el6_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.24-35%3Farch=el6_1

url pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el6

purl pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5%3Farch=el6

url pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el5

purl pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1v6c-f56v-hqh1

vulnerability	VCID-241m-q6vd-kudk

vulnerability	VCID-8ebv-6941-jqdy

vulnerability	VCID-d9ys-kxh6-nkgr

vulnerability	VCID-egye-da2v-4ybh

vulnerability	VCID-hhk9-cr54-8fgc

vulnerability	VCID-hxj6-mupf-abbc

vulnerability	VCID-mctd-9zgv-5qgp

vulnerability	VCID-quwu-ep21-cyew

vulnerability	VCID-zbbr-wded-9ffj

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.32-24_patch_07.ep5%3Farch=el5

References

reference_url

http://marc.info/?l=bugtraq&m=132215163318824&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=132215163318824&w=2

reference_url

http://marc.info/?l=bugtraq&m=133469267822771&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=133469267822771&w=2

reference_url

http://marc.info/?l=bugtraq&m=136485229118404&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=136485229118404&w=2

reference_url

http://marc.info/?l=bugtraq&m=139344343412337&w=2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=139344343412337&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3190.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3190.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3190

reference_id

reference_type

scores

value	0.00872
scoring_system	epss
scoring_elements	0.75249
published_at	2026-04-16T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75167
published_at	2026-04-01T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.7517
published_at	2026-04-02T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75201
published_at	2026-04-04T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75177
published_at	2026-04-07T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75212
published_at	2026-04-08T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75224
published_at	2026-04-09T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75245
published_at	2026-04-11T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75222
published_at	2026-04-12T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75211
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3190

reference_url

http://securityreason.com/securityalert/8362

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://securityreason.com/securityalert/8362

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/69472

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/69472

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat55/commit/be3eb28f82250a5c81a1c42216570ebf892aefac

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat55/commit/be3eb28f82250a5c81a1c42216570ebf892aefac

reference_url	https://github.com/apache/tomcat70/commit/90ec9675fa080e22df5f9e3e7019a19eb2faec14
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/90ec9675fa080e22df5f9e3e7019a19eb2faec14

reference_url

https://github.com/apache/tomcat/commit/a2538ce78f83b7376c48d12d8247600079d789b1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a2538ce78f83b7376c48d12d8247600079d789b1

reference_url

https://issues.apache.org/bugzilla/show_bug.cgi?id=51698

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/bugzilla/show_bug.cgi?id=51698

reference_url

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E

reference_url

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14933

reference_url

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19465

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1162958
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1162958

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1162959
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1162959

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1162960
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1162960

reference_url

https://web.archive.org/web/20130121232525/http://www.securityfocus.com/archive/1/519466/100/0/threaded

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130121232525/http://www.securityfocus.com/archive/1/519466/100/0/threaded

reference_url

https://web.archive.org/web/20130314002148/http://www.securityfocus.com/bid/49353

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130314002148/http://www.securityfocus.com/bid/49353

reference_url

https://web.archive.org/web/20131214094052/http://www.securitytracker.com/id?1025993

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20131214094052/http://www.securitytracker.com/id?1025993

reference_url

http://www.debian.org/security/2012/dsa-2401

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2012/dsa-2401

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2011:156

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2011:156

reference_url	http://www.securityfocus.com/archive/1/519466/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/519466/100/0/threaded

reference_url	http://www.securityfocus.com/bid/49353
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/49353

reference_url	http://www.securitytracker.com/id?1025993
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1025993

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=734868
reference_id	734868
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=734868

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190

reference_id

CVE-2011-3190

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-3190

reference_id

CVE-2011-3190

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-3190

reference_url

https://github.com/advisories/GHSA-c38m-v4m2-524v

reference_id

GHSA-c38m-v4m2-524v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c38m-v4m2-524v

reference_url	https://security.gentoo.org/glsa/201206-24
reference_id	GLSA-201206-24
reference_type
scores
url	https://security.gentoo.org/glsa/201206-24

reference_url	https://access.redhat.com/errata/RHSA-2011:1780
reference_id	RHSA-2011:1780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1780

reference_url	https://access.redhat.com/errata/RHSA-2012:0679
reference_id	RHSA-2012:0679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0679

reference_url	https://access.redhat.com/errata/RHSA-2012:0680
reference_id	RHSA-2012:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0680

reference_url	https://access.redhat.com/errata/RHSA-2012:0681
reference_id	RHSA-2012:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0681

reference_url	https://access.redhat.com/errata/RHSA-2012:0682
reference_id	RHSA-2012:0682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0682

reference_url	https://usn.ubuntu.com/1252-1/
reference_id	USN-1252-1
reference_type
scores
url	https://usn.ubuntu.com/1252-1/

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	264
name	Permissions, Privileges, and Access Controls
description	Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	287
name	Improper Authentication
description	When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-quwu-ep21-cyew

Vulnerability Instance