Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6ss8-442a-3baf
SummaryMultiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
Aliases
0
alias CVE-2003-0044
1
alias GHSA-5hgm-qm5m-5vmw
Fixed_packages
0
url pkg:apache/tomcat@3.3.2
purl pkg:apache/tomcat@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6p3e-4u8s-17ep
1
vulnerability VCID-7969-7a8h-zyhh
2
vulnerability VCID-kxaa-62td-r3cs
3
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.3.2
Affected_packages
0
url pkg:apache/tomcat@3.0.0
purl pkg:apache/tomcat@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-6ss8-442a-3baf
2
vulnerability VCID-6yk2-f8d5-cyc3
3
vulnerability VCID-9rpn-zb26-yfdk
4
vulnerability VCID-a2q2-x613-quav
5
vulnerability VCID-shq7-jxup-5fgk
6
vulnerability VCID-x6zh-jypa-pbcc
7
vulnerability VCID-zm3q-xjwh-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.0.0
1
url pkg:apache/tomcat@3.1.0
purl pkg:apache/tomcat@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-3n3t-ygrc-wug2
3
vulnerability VCID-6ss8-442a-3baf
4
vulnerability VCID-6yk2-f8d5-cyc3
5
vulnerability VCID-8ezk-dvv2-3qba
6
vulnerability VCID-9rpn-zb26-yfdk
7
vulnerability VCID-a2q2-x613-quav
8
vulnerability VCID-edmc-muvz-5ufu
9
vulnerability VCID-shq7-jxup-5fgk
10
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.1.0
2
url pkg:apache/tomcat@3.1.1
purl pkg:apache/tomcat@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-6ss8-442a-3baf
3
vulnerability VCID-6yk2-f8d5-cyc3
4
vulnerability VCID-9rpn-zb26-yfdk
5
vulnerability VCID-a2q2-x613-quav
6
vulnerability VCID-edmc-muvz-5ufu
7
vulnerability VCID-shq7-jxup-5fgk
8
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.1.1
3
url pkg:apache/tomcat@3.2.0
purl pkg:apache/tomcat@3.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-56a7-wfbu-7be8
3
vulnerability VCID-6ss8-442a-3baf
4
vulnerability VCID-6yk2-f8d5-cyc3
5
vulnerability VCID-9rpn-zb26-yfdk
6
vulnerability VCID-a2q2-x613-quav
7
vulnerability VCID-edmc-muvz-5ufu
8
vulnerability VCID-shq7-jxup-5fgk
9
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.2.0
4
url pkg:apache/tomcat@3.2.4
purl pkg:apache/tomcat@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fb2-r763-ybg5
1
vulnerability VCID-6ss8-442a-3baf
2
vulnerability VCID-6yk2-f8d5-cyc3
3
vulnerability VCID-9rpn-zb26-yfdk
4
vulnerability VCID-edmc-muvz-5ufu
5
vulnerability VCID-rybd-nsf5-j7fr
6
vulnerability VCID-shq7-jxup-5fgk
7
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.2.4
5
url pkg:apache/tomcat@3.3.0-a
purl pkg:apache/tomcat@3.3.0-a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
1
vulnerability VCID-6yk2-f8d5-cyc3
2
vulnerability VCID-9rpn-zb26-yfdk
3
vulnerability VCID-shq7-jxup-5fgk
4
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.3.0-a
6
url pkg:apache/tomcat@3.3.1-a
purl pkg:apache/tomcat@3.3.1-a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@3.3.1-a
7
url pkg:maven/org.apache.tomcat/tomcat@3.0
purl pkg:maven/org.apache.tomcat/tomcat@3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-6ss8-442a-3baf
3
vulnerability VCID-6yk2-f8d5-cyc3
4
vulnerability VCID-9rpn-zb26-yfdk
5
vulnerability VCID-a2q2-x613-quav
6
vulnerability VCID-shq7-jxup-5fgk
7
vulnerability VCID-x6zh-jypa-pbcc
8
vulnerability VCID-zm3q-xjwh-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.0
8
url pkg:maven/org.apache.tomcat/tomcat@3.1
purl pkg:maven/org.apache.tomcat/tomcat@3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-3n3t-ygrc-wug2
3
vulnerability VCID-6ss8-442a-3baf
4
vulnerability VCID-6yk2-f8d5-cyc3
5
vulnerability VCID-8ezk-dvv2-3qba
6
vulnerability VCID-9rpn-zb26-yfdk
7
vulnerability VCID-a2q2-x613-quav
8
vulnerability VCID-edmc-muvz-5ufu
9
vulnerability VCID-shq7-jxup-5fgk
10
vulnerability VCID-x6zh-jypa-pbcc
11
vulnerability VCID-zm3q-xjwh-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.1
9
url pkg:maven/org.apache.tomcat/tomcat@3.1.1
purl pkg:maven/org.apache.tomcat/tomcat@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-6ss8-442a-3baf
3
vulnerability VCID-6yk2-f8d5-cyc3
4
vulnerability VCID-9rpn-zb26-yfdk
5
vulnerability VCID-a2q2-x613-quav
6
vulnerability VCID-edmc-muvz-5ufu
7
vulnerability VCID-shq7-jxup-5fgk
8
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.1.1
10
url pkg:maven/org.apache.tomcat/tomcat@3.2
purl pkg:maven/org.apache.tomcat/tomcat@3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vxs-pv2f-ufam
1
vulnerability VCID-2fb2-r763-ybg5
2
vulnerability VCID-56a7-wfbu-7be8
3
vulnerability VCID-6ss8-442a-3baf
4
vulnerability VCID-6yk2-f8d5-cyc3
5
vulnerability VCID-9rpn-zb26-yfdk
6
vulnerability VCID-a2q2-x613-quav
7
vulnerability VCID-edmc-muvz-5ufu
8
vulnerability VCID-shq7-jxup-5fgk
9
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.2
11
url pkg:maven/org.apache.tomcat/tomcat@3.2.4
purl pkg:maven/org.apache.tomcat/tomcat@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fb2-r763-ybg5
1
vulnerability VCID-6ss8-442a-3baf
2
vulnerability VCID-6yk2-f8d5-cyc3
3
vulnerability VCID-9rpn-zb26-yfdk
4
vulnerability VCID-edmc-muvz-5ufu
5
vulnerability VCID-rybd-nsf5-j7fr
6
vulnerability VCID-shq7-jxup-5fgk
7
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.2.4
12
url pkg:maven/org.apache.tomcat/tomcat@3.3a
purl pkg:maven/org.apache.tomcat/tomcat@3.3a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
1
vulnerability VCID-6yk2-f8d5-cyc3
2
vulnerability VCID-9rpn-zb26-yfdk
3
vulnerability VCID-shq7-jxup-5fgk
4
vulnerability VCID-x6zh-jypa-pbcc
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.3a
13
url pkg:maven/org.apache.tomcat/tomcat@3.3.1a
purl pkg:maven/org.apache.tomcat/tomcat@3.3.1a
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ss8-442a-3baf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@3.3.1a
References
0
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
1
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
reference_id
reference_type
scores
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
2
reference_url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0044
reference_id
reference_type
scores
0
value 0.27285
scoring_system epss
scoring_elements 0.964
published_at 2026-04-13T12:55:00Z
1
value 0.27285
scoring_system epss
scoring_elements 0.96397
published_at 2026-04-12T12:55:00Z
2
value 0.27285
scoring_system epss
scoring_elements 0.96393
published_at 2026-04-09T12:55:00Z
3
value 0.27285
scoring_system epss
scoring_elements 0.9639
published_at 2026-04-08T12:55:00Z
4
value 0.27285
scoring_system epss
scoring_elements 0.96381
published_at 2026-04-07T12:55:00Z
5
value 0.27285
scoring_system epss
scoring_elements 0.96378
published_at 2026-04-04T12:55:00Z
6
value 0.27285
scoring_system epss
scoring_elements 0.96367
published_at 2026-04-01T12:55:00Z
7
value 0.27285
scoring_system epss
scoring_elements 0.96374
published_at 2026-04-02T12:55:00Z
8
value 0.27285
scoring_system epss
scoring_elements 0.96407
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0044
4
reference_url http://secunia.com/advisories/7972
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/7972
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/11196
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/11196
6
reference_url http://www.ciac.org/ciac/bulletins/n-060.shtml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ciac.org/ciac/bulletins/n-060.shtml
7
reference_url http://www.debian.org/security/2003/dsa-246
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2003/dsa-246
8
reference_url http://www.osvdb.org/9203
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.osvdb.org/9203
9
reference_url http://www.osvdb.org/9204
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.osvdb.org/9204
10
reference_url http://www.securityfocus.com/advisories/5111
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/advisories/5111
11
reference_url http://www.securityfocus.com/bid/6720
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/6720
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044
reference_id CVE-2003-0044
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2003-0044
reference_id CVE-2003-0044
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2003-0044
14
reference_url https://github.com/advisories/GHSA-5hgm-qm5m-5vmw
reference_id GHSA-5hgm-qm5m-5vmw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5hgm-qm5m-5vmw
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6ss8-442a-3baf