Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-h11m-szkg-p7c5

Summary

Aliases

alias	CVE-2025-55754

alias	GHSA-vfww-5hm6-hx2j

Fixed_packages

url pkg:apache/tomcat@9.0.109

purl pkg:apache/tomcat@9.0.109

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.109

url	pkg:apache/tomcat@10.1.45
purl	pkg:apache/tomcat@10.1.45
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.45

url pkg:apache/tomcat@11.0.11

purl pkg:apache/tomcat@11.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.11

url	pkg:deb/debian/tomcat10@10.1.46-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.46-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.46-1%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

purl pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.54-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.54-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat11@11.0.11-1?distro=trixie
purl	pkg:deb/debian/tomcat11@11.0.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.11-1%3Fdistro=trixie

url pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie

purl pkg:deb/debian/tomcat11@11.0.15-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-keyp-7fnn-cbh8

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-pmx1-hkph-4qhd

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-thj9-c3nq-f3ax

vulnerability	VCID-up1n-hunu-rkak

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.15-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/tomcat11@11.0.21-1?distro=trixie

purl pkg:deb/debian/tomcat11@11.0.21-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-pmx1-hkph-4qhd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.21-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat11@11.0.22-2?distro=trixie
purl	pkg:deb/debian/tomcat11@11.0.22-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat11@11.0.22-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.107-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.107-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.107-0%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.115-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.115-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.118-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.118-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.118-1%3Fdistro=trixie

url pkg:maven/org.apache.tomcat/tomcat@9.0.109

purl pkg:maven/org.apache.tomcat/tomcat@9.0.109

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.109

url	pkg:maven/org.apache.tomcat/tomcat@10.1.45
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.45
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.45

url pkg:maven/org.apache.tomcat/tomcat@11.0.11

purl pkg:maven/org.apache.tomcat/tomcat@11.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.11

url	pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.109
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.109
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.109

url	pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.45
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.45
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.45

url	pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.11
purl	pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.11

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11

Affected_packages

url pkg:apache/tomcat@9.0.40

purl pkg:apache/tomcat@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.40

url pkg:apache/tomcat@9.0.108

purl pkg:apache/tomcat@9.0.108

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.108

url pkg:apache/tomcat@10.1.0-M1

purl pkg:apache/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-35fm-apgj-jqd3

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-61p6-f9vu-7fca

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-eehy-pgzv-vudx

vulnerability	VCID-ffqg-mkqf-xqgh

vulnerability	VCID-g9rk-me3p-1fey

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-hdnj-g415-2bbw

vulnerability	VCID-j4ut-s3e4-qqh7

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-kdhy-vpg2-nqgh

vulnerability	VCID-kq3c-qp43-dqgg

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-mvgq-kb92-dqf8

vulnerability	VCID-nafh-ss66-efc1

vulnerability	VCID-p7x2-ejss-ffd1

vulnerability	VCID-pmx1-hkph-4qhd

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-ryjx-b2fp-5bbc

vulnerability	VCID-s6p4-xq69-6fb4

vulnerability	VCID-twp1-3h1f-r3de

vulnerability	VCID-wpew-vv5h-r7c5

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-xdgh-k9su-4bes

vulnerability	VCID-xym1-6dp5-t7d7

vulnerability	VCID-y5je-ud4g-ufdc

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.0-M1

url pkg:apache/tomcat@10.1.44

purl pkg:apache/tomcat@10.1.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.44

url pkg:apache/tomcat@11.0.0-M1

purl pkg:apache/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-35fm-apgj-jqd3

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-61p6-f9vu-7fca

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-b4g7-nvey-5bh3

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-eehy-pgzv-vudx

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-ffqg-mkqf-xqgh

vulnerability	VCID-g9rk-me3p-1fey

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-hdnj-g415-2bbw

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-kdhy-vpg2-nqgh

vulnerability	VCID-kq3c-qp43-dqgg

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-mvgq-kb92-dqf8

vulnerability	VCID-nafh-ss66-efc1

vulnerability	VCID-p7x2-ejss-ffd1

vulnerability	VCID-pmx1-hkph-4qhd

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-ryjx-b2fp-5bbc

vulnerability	VCID-s6p4-xq69-6fb4

vulnerability	VCID-twp1-3h1f-r3de

vulnerability	VCID-wpew-vv5h-r7c5

vulnerability	VCID-xdgh-k9su-4bes

vulnerability	VCID-y5je-ud4g-ufdc

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1

url pkg:apache/tomcat@11.0.10

purl pkg:apache/tomcat@11.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.10

url pkg:maven/org.apache.tomcat/tomcat@8.5.60

purl pkg:maven/org.apache.tomcat/tomcat@8.5.60

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-zpvv-4hjw-g3bt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.60

url pkg:maven/org.apache.tomcat/tomcat@8.5.100

purl pkg:maven/org.apache.tomcat/tomcat@8.5.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

vulnerability	VCID-zpvv-4hjw-g3bt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.100

url pkg:maven/org.apache.tomcat/tomcat@9.0.40

purl pkg:maven/org.apache.tomcat/tomcat@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.40

url pkg:maven/org.apache.tomcat/tomcat@9.0.108

purl pkg:maven/org.apache.tomcat/tomcat@9.0.108

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.108

url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-35fm-apgj-jqd3

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-61p6-f9vu-7fca

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-eehy-pgzv-vudx

vulnerability	VCID-ffqg-mkqf-xqgh

vulnerability	VCID-g9rk-me3p-1fey

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-hdnj-g415-2bbw

vulnerability	VCID-j4ut-s3e4-qqh7

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-kdhy-vpg2-nqgh

vulnerability	VCID-kq3c-qp43-dqgg

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-mvgq-kb92-dqf8

vulnerability	VCID-nafh-ss66-efc1

vulnerability	VCID-p7x2-ejss-ffd1

vulnerability	VCID-pmx1-hkph-4qhd

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-ryjx-b2fp-5bbc

vulnerability	VCID-s6p4-xq69-6fb4

vulnerability	VCID-twp1-3h1f-r3de

vulnerability	VCID-wpew-vv5h-r7c5

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-xdgh-k9su-4bes

vulnerability	VCID-xym1-6dp5-t7d7

vulnerability	VCID-y5je-ud4g-ufdc

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat@10.1.44

purl pkg:maven/org.apache.tomcat/tomcat@10.1.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.44

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-35fm-apgj-jqd3

vulnerability	VCID-3e3b-6dse-s3gf

vulnerability	VCID-4qzp-up1c-2kfq

vulnerability	VCID-5j78-np3z-rfda

vulnerability	VCID-61p6-f9vu-7fca

vulnerability	VCID-61xw-8vnm-vkcx

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-9ptv-guzs-kyg1

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-b4g7-nvey-5bh3

vulnerability	VCID-b9hb-uzqm-wbcp

vulnerability	VCID-bqkn-zvm1-4kd6

vulnerability	VCID-c8b5-23zz-cudd

vulnerability	VCID-dk5d-3ebq-yfbn

vulnerability	VCID-eehy-pgzv-vudx

vulnerability	VCID-ek4k-3m72-qqbf

vulnerability	VCID-ffqg-mkqf-xqgh

vulnerability	VCID-g9rk-me3p-1fey

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-hdnj-g415-2bbw

vulnerability	VCID-jz35-ynpa-sqfq

vulnerability	VCID-kdhy-vpg2-nqgh

vulnerability	VCID-kq3c-qp43-dqgg

vulnerability	VCID-kxvn-6xbg-4fep

vulnerability	VCID-mvgq-kb92-dqf8

vulnerability	VCID-nafh-ss66-efc1

vulnerability	VCID-p7x2-ejss-ffd1

vulnerability	VCID-pmx1-hkph-4qhd

vulnerability	VCID-rx6f-x5cc-6bef

vulnerability	VCID-ryjx-b2fp-5bbc

vulnerability	VCID-s6p4-xq69-6fb4

vulnerability	VCID-twp1-3h1f-r3de

vulnerability	VCID-wpew-vv5h-r7c5

vulnerability	VCID-xdgh-k9su-4bes

vulnerability	VCID-y5je-ud4g-ufdc

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat@11.0.10

purl pkg:maven/org.apache.tomcat/tomcat@11.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.10

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.60

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.60

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.60

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.40

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.40

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-h11m-szkg-p7c5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1maq-ar71-p3ha

vulnerability	VCID-64r1-zcg6-qfb8

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9248-b5q8-2bc7

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-hdnj-g415-2bbw

vulnerability	VCID-z1yq-nwk7-1kba

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

url pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el10jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el10jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el10jws

url pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el8jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el8jws

url pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el9jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1?arch=el9jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.49-7.redhat_00006.1%3Farch=el9jws

url pkg:rpm/redhat/tomcat@1:9.0.110-2?arch=el9_8

purl pkg:rpm/redhat/tomcat@1:9.0.110-2?arch=el9_8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.110-2%3Farch=el9_8

url pkg:rpm/redhat/tomcat@1:10.1.49-1?arch=el10

purl pkg:rpm/redhat/tomcat@1:10.1.49-1?arch=el10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:10.1.49-1%3Farch=el10

url pkg:rpm/redhat/tomcat10-main@10.1.54-1?arch=hum1

purl pkg:rpm/redhat/tomcat10-main@10.1.54-1?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat10-main@10.1.54-1%3Farch=hum1

url pkg:rpm/redhat/tomcat11-main@11.0.21-0.1?arch=hum1

purl pkg:rpm/redhat/tomcat11-main@11.0.21-0.1?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-67rb-z7qk-zke9

vulnerability	VCID-6t1m-v4ym-4uhs

vulnerability	VCID-71uq-hgqp-b3a1

vulnerability	VCID-8btx-vpre-pugb

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-z6g3-j67d-87hc

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat11-main@11.0.21-0.1%3Farch=hum1

url pkg:rpm/redhat/tomcat9@1:9.0.110-2?arch=el10_2

purl pkg:rpm/redhat/tomcat9@1:9.0.110-2?arch=el10_2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9w58-wv96-dfhb

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-twp1-3h1f-r3de

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat9@1:9.0.110-2%3Farch=el10_2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55754.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55754.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55754

reference_id

reference_type

scores

value	0.00135
scoring_system	epss
scoring_elements	0.33121
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55754

reference_url

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/138d7f5cfaae683078948303333c080e6faa75d2

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/138d7f5cfaae683078948303333c080e6faa75d2

reference_url

https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb

reference_url

https://github.com/apache/tomcat/commit/a03cabf3a36a42d27d8d997ed31f034f50ba6cd5

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a03cabf3a36a42d27d8d997ed31f034f50ba6cd5

reference_url

https://lists.apache.org/thread/j7w54hqbkfcn0xb9xy0wnx8w5nymcbqd

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-09T04:55:55Z/

url

https://lists.apache.org/thread/j7w54hqbkfcn0xb9xy0wnx8w5nymcbqd

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109

reference_url

http://www.openwall.com/lists/oss-security/2025/10/27/5

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/10/27/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2406590
reference_id	2406590
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2406590

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55754

reference_id

CVE-2025-55754

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55754

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-55754

reference_id

CVE-2025-55754

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-55754

reference_url

https://github.com/advisories/GHSA-vfww-5hm6-hx2j

reference_id

GHSA-vfww-5hm6-hx2j

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vfww-5hm6-hx2j

reference_url	https://access.redhat.com/errata/RHSA-2026:18536
reference_id	RHSA-2026:18536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18536

reference_url	https://access.redhat.com/errata/RHSA-2026:18537
reference_id	RHSA-2026:18537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18537

reference_url	https://access.redhat.com/errata/RHSA-2026:18916
reference_id	RHSA-2026:18916
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18916

reference_url	https://access.redhat.com/errata/RHSA-2026:2740
reference_id	RHSA-2026:2740
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2740

reference_url	https://access.redhat.com/errata/RHSA-2026:2741
reference_id	RHSA-2026:2741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2741

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

Weaknesses

cwe_id	150
name	Improper Neutralization of Escape, Meta, or Control Sequences
description	The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 0.1 - 9.6

Exploitability 0.5

Weighted_severity 3.1

Risk_score 1.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h11m-szkg-p7c5

Vulnerability Instance