VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
epss	0.16231	https://api.first.org/data/v1/epss?cve=CVE-2014-0033
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=1069919
apache_tomcat	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2014/Dec/23
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-6gjj-c5mj-4cvp
generic_textual	MODERATE	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2014-0033
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1558822
generic_textual	MODERATE	http://tomcat.apache.org/security-6.html
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21675886
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21677147
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21678231
generic_textual	MODERATE	http://www.debian.org/security/2016/dsa-3530
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
generic_textual	MODERATE	http://www.ubuntu.com/usn/USN-2130-1
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2014-0012.html

System

Score

Found at

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

epss

0.16231

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

generic_textual

MODERATE

https://bugzilla.redhat.com/show_bug.cgi?id=1069919

apache_tomcat

Low

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033

generic_textual

MODERATE

http://seclists.org/fulldisclosure/2014/Dec/23

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-6gjj-c5mj-4cvp

generic_textual

MODERATE

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2014-0033

generic_textual

MODERATE

http://svn.apache.org/viewvc?view=revision&revision=1558822

generic_textual

MODERATE

http://tomcat.apache.org/security-6.html

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21675886

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21677147

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

generic_textual

MODERATE

http://www.debian.org/security/2016/dsa-3530

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

generic_textual

MODERATE

http://www.ubuntu.com/usn/USN-2130-1

generic_textual

MODERATE

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0033.json

https://api.first.org/data/v1/epss?cve=CVE-2014-0033

https://bugzilla.redhat.com/show_bug.cgi?id=1069919

http://seclists.org/fulldisclosure/2014/Dec/23

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

https://svn.apache.org/viewvc?view=rev&rev=1558822

http://svn.apache.org/viewvc?view=revision&revision=1558822

http://tomcat.apache.org/security-6.html

http://www-01.ibm.com/support/docview.wss?uid=swg21675886

http://www-01.ibm.com/support/docview.wss?uid=swg21677147

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

http://www.debian.org/security/2016/dsa-3530

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.ubuntu.com/usn/USN-2130-1

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

CVE-2014-0033

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033

CVE-2014-0033

https://nvd.nist.gov/vuln/detail/CVE-2014-0033

GHSA-6gjj-c5mj-4cvp

https://github.com/advisories/GHSA-6gjj-c5mj-4cvp

GLSA-201412-29

https://security.gentoo.org/glsa/201412-29

RHSA-2014:0525

https://access.redhat.com/errata/RHSA-2014:0525

RHSA-2014:0528

https://access.redhat.com/errata/RHSA-2014:0528

USN-2130-1

https://usn.ubuntu.com/2130-1/

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:38:16.688767+00:00	Apache Tomcat Importer	Import	https://tomcat.apache.org/security-6.html	38.0.0

2026-04-01T12:38:16.688767+00:00

Apache Tomcat Importer

Import

https://tomcat.apache.org/security-6.html

38.0.0

Vulnerability ID	VCID-a9bd-d31y-k7g6
Aliases	CVE-2014-0033 GHSA-6gjj-c5mj-4cvp
Summary	org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-20	Improper Input Validation
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-384	Session Fixation

Percentile	0.94782
EPSS Score	0.16231
Published At	April 1, 2026, 12:55 p.m.