{"url":"http://public2.vulnerablecode.io/api/packages/1402?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.12","type":"maven","namespace":"org.apache.tomcat","name":"tomcat","version":"6.0.12","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"9.0.117","latest_non_vulnerable_version":"11.0.21","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4634?format=json","vulnerability_id":"VCID-886n-1vzv-syc6","summary":"Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.","references":[{"reference_url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html"},{"reference_url":"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4172.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4172","reference_id":"","reference_type":"","scores":[{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93782","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93703","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93712","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93722","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93734","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93736","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.9374","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93741","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93763","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93769","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93772","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93776","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11901","scoring_system":"epss","scoring_elements":"0.93773","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4172"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=656246","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=656246"},{"reference_url":"http://secunia.com/advisories/42337","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42337"},{"reference_url":"http://secunia.com/advisories/43019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43019"},{"reference_url":"http://secunia.com/advisories/45022","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/45022"},{"reference_url":"http://secunia.com/advisories/57126","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/57126"},{"reference_url":"http://securitytracker.com/id?1024764","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024764"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/63422","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/63422"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/5971f9392edc6d70808b2599b062b050fcd11d23","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/5971f9392edc6d70808b2599b062b050fcd11d23"},{"reference_url":"https://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"},{"reference_url":"https://marc.info/?l=bugtraq&m=139344343412337&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://marc.info/?l=bugtraq&m=139344343412337&w=2"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1037778","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1037778"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1037779","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1037779"},{"reference_url":"https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.5"},{"reference_url":"http://support.apple.com/kb/HT5002","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5002"},{"reference_url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html","reference_id":"","reference_type":"","scores":[],"url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1037778","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1037778"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1037779","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1037779"},{"reference_url":"https://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"https://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"https://www.securityfocus.com/archive/1/514866/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.securityfocus.com/archive/1/514866/100/0/threaded"},{"reference_url":"https://www.ubuntu.com/usn/USN-1048-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.ubuntu.com/usn/USN-1048-1"},{"reference_url":"https://www.vupen.com/english/advisories/2010/3047","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vupen.com/english/advisories/2010/3047"},{"reference_url":"https://www.vupen.com/english/advisories/2011/0203","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vupen.com/english/advisories/2011/0203"},{"reference_url":"http://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[],"url":"http://tomcat.apache.org/security-6.html"},{"reference_url":"http://tomcat.apache.org/security-7.html","reference_id":"","reference_type":"","scores":[],"url":"http://tomcat.apache.org/security-7.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0791.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0791.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"http://www.securityfocus.com/archive/1/514866/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/514866/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/45015","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/45015"},{"reference_url":"http://www.ubuntu.com/usn/USN-1048-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1048-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3047","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3047"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0203","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0203"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172","reference_id":"CVE-2010-4172","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""},{"value":"Moderate","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4172","reference_id":"CVE-2010-4172","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4172"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35011.txt","reference_id":"CVE-2010-4172;OSVDB-69456","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35011.txt"},{"reference_url":"https://www.securityfocus.com/bid/45015/info","reference_id":"CVE-2010-4172;OSVDB-69456","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/45015/info"},{"reference_url":"https://github.com/advisories/GHSA-c78g-qwpw-2jgv","reference_id":"GHSA-c78g-qwpw-2jgv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c78g-qwpw-2jgv"},{"reference_url":"https://security.gentoo.org/glsa/201206-24","reference_id":"GLSA-201206-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-24"},{"reference_url":"https://usn.ubuntu.com/1048-1/","reference_id":"USN-1048-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1048-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1396?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-618c-ar98-qfcr"},{"vulnerability":"VCID-7ej8-5f77-cybb"},{"vulnerability":"VCID-hxj6-mupf-abbc"},{"vulnerability":"VCID-ta1m-dh8x-nubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.30"},{"url":"http://public2.vulnerablecode.io/api/packages/1293?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@7.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dhun-hj5q-dfch"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.5"}],"aliases":["CVE-2010-4172","GHSA-c78g-qwpw-2jgv"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-886n-1vzv-syc6"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.12"}