Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.27
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version8.5.27
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.117
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-39e3-jfbg-s3hk
vulnerability_id VCID-39e3-jfbg-s3hk
summary The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
1
reference_url https://access.redhat.com/errata/RHSA-2019:3929
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3929
2
reference_url https://access.redhat.com/errata/RHSA-2019:3931
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3931
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10072.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10072.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10072
reference_id
reference_type
scores
0
value 0.713
scoring_system epss
scoring_elements 0.98736
published_at 2026-05-09T12:55:00Z
1
value 0.713
scoring_system epss
scoring_elements 0.98738
published_at 2026-05-16T12:55:00Z
2
value 0.713
scoring_system epss
scoring_elements 0.98741
published_at 2026-05-15T12:55:00Z
3
value 0.713
scoring_system epss
scoring_elements 0.9874
published_at 2026-05-14T12:55:00Z
4
value 0.713
scoring_system epss
scoring_elements 0.98739
published_at 2026-05-12T12:55:00Z
5
value 0.713
scoring_system epss
scoring_elements 0.98737
published_at 2026-05-11T12:55:00Z
6
value 0.713
scoring_system epss
scoring_elements 0.98735
published_at 2026-05-07T12:55:00Z
7
value 0.713
scoring_system epss
scoring_elements 0.98733
published_at 2026-05-05T12:55:00Z
8
value 0.713
scoring_system epss
scoring_elements 0.98728
published_at 2026-04-29T12:55:00Z
9
value 0.713
scoring_system epss
scoring_elements 0.98727
published_at 2026-04-26T12:55:00Z
10
value 0.713
scoring_system epss
scoring_elements 0.98726
published_at 2026-04-24T12:55:00Z
11
value 0.713
scoring_system epss
scoring_elements 0.98723
published_at 2026-04-21T12:55:00Z
12
value 0.713
scoring_system epss
scoring_elements 0.98721
published_at 2026-04-18T12:55:00Z
13
value 0.713
scoring_system epss
scoring_elements 0.9872
published_at 2026-04-16T12:55:00Z
14
value 0.713
scoring_system epss
scoring_elements 0.98717
published_at 2026-04-13T12:55:00Z
15
value 0.713
scoring_system epss
scoring_elements 0.98716
published_at 2026-04-12T12:55:00Z
16
value 0.713
scoring_system epss
scoring_elements 0.98713
published_at 2026-04-09T12:55:00Z
17
value 0.71585
scoring_system epss
scoring_elements 0.9872
published_at 2026-04-02T12:55:00Z
18
value 0.71585
scoring_system epss
scoring_elements 0.98724
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10072
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
7
reference_url https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35
8
reference_url https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145
9
reference_url https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758
10
reference_url https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a
11
reference_url https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://security.netapp.com/advisory/ntap-20190625-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190625-0002
22
reference_url https://security.netapp.com/advisory/ntap-20190625-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190625-0002/
23
reference_url https://support.f5.com/csp/article/K17321505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K17321505
24
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
25
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
26
reference_url https://usn.ubuntu.com/4128-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4128-1
27
reference_url https://usn.ubuntu.com/4128-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4128-1/
28
reference_url https://usn.ubuntu.com/4128-2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4128-2
29
reference_url https://usn.ubuntu.com/4128-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4128-2/
30
reference_url https://web.archive.org/web/20200227033743/http://www.securityfocus.com/bid/108874
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227033743/http://www.securityfocus.com/bid/108874
31
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4680
32
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
33
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
34
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
35
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
36
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
37
reference_url https://www.securityfocus.com/bid/108874
reference_id
reference_type
scores
url https://www.securityfocus.com/bid/108874
38
reference_url https://www.synology.com/security/advisory/Synology_SA_19_29
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_29
39
reference_url http://www.securityfocus.com/bid/108874
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108874
40
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1723708
reference_id 1723708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1723708
41
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930872
reference_id 930872
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930872
42
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931131
reference_id 931131
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931131
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072
reference_id CVE-2019-10072
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10072
reference_id CVE-2019-10072
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10072
45
reference_url https://github.com/advisories/GHSA-q4hg-rmq2-52q9
reference_id GHSA-q4hg-rmq2-52q9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q4hg-rmq2-52q9
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-66kh-s6cr-tqf9
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-ayrd-8ntf-hkh3
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-dzpn-w4b3-vbcm
9
vulnerability VCID-fpgj-82wf-ykbw
10
vulnerability VCID-gyed-x6s8-ybhr
11
vulnerability VCID-j6cj-ftyd-3ffa
12
vulnerability VCID-j8tk-s915-pbfy
13
vulnerability VCID-k9cg-ehdw-dbh6
14
vulnerability VCID-kwab-3s4q-eka4
15
vulnerability VCID-n3ab-nk7c-hqc9
16
vulnerability VCID-nmq2-8ysj-4fbc
17
vulnerability VCID-qkx6-32cj-jfbp
18
vulnerability VCID-ran8-rnqn-tkbc
19
vulnerability VCID-ruuh-g3fa-m7d8
20
vulnerability VCID-t2ne-75ck-eqcr
21
vulnerability VCID-v7tp-1t4h-zqeg
22
vulnerability VCID-vsdf-4tfj-uybe
23
vulnerability VCID-xqjr-7xfw-mbh2
24
vulnerability VCID-yfx4-4gsc-2kgh
25
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-66kh-s6cr-tqf9
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-ayrd-8ntf-hkh3
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-dzpn-w4b3-vbcm
9
vulnerability VCID-fpgj-82wf-ykbw
10
vulnerability VCID-gyed-x6s8-ybhr
11
vulnerability VCID-j6cj-ftyd-3ffa
12
vulnerability VCID-j8tk-s915-pbfy
13
vulnerability VCID-k9cg-ehdw-dbh6
14
vulnerability VCID-kwab-3s4q-eka4
15
vulnerability VCID-n3ab-nk7c-hqc9
16
vulnerability VCID-nmq2-8ysj-4fbc
17
vulnerability VCID-qkx6-32cj-jfbp
18
vulnerability VCID-ran8-rnqn-tkbc
19
vulnerability VCID-ruuh-g3fa-m7d8
20
vulnerability VCID-t2ne-75ck-eqcr
21
vulnerability VCID-v7tp-1t4h-zqeg
22
vulnerability VCID-vsdf-4tfj-uybe
23
vulnerability VCID-xqjr-7xfw-mbh2
24
vulnerability VCID-yfx4-4gsc-2kgh
25
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-dzpn-w4b3-vbcm
10
vulnerability VCID-e7kd-kk57-mkd6
11
vulnerability VCID-fpgj-82wf-ykbw
12
vulnerability VCID-gyed-x6s8-ybhr
13
vulnerability VCID-j6cj-ftyd-3ffa
14
vulnerability VCID-j8tk-s915-pbfy
15
vulnerability VCID-kwab-3s4q-eka4
16
vulnerability VCID-n3ab-nk7c-hqc9
17
vulnerability VCID-nmq2-8ysj-4fbc
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-ruuh-g3fa-m7d8
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
26
vulnerability VCID-yrzk-1dbk-muhy
27
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
aliases CVE-2019-10072, GHSA-q4hg-rmq2-52q9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39e3-jfbg-s3hk
1
url VCID-46bv-6b7y-3bca
vulnerability_id VCID-46bv-6b7y-3bca
summary A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
reference_id
reference_type
scores
0
value 0.45121
scoring_system epss
scoring_elements 0.97629
published_at 2026-05-12T12:55:00Z
1
value 0.45121
scoring_system epss
scoring_elements 0.97623
published_at 2026-05-11T12:55:00Z
2
value 0.45121
scoring_system epss
scoring_elements 0.97622
published_at 2026-05-07T12:55:00Z
3
value 0.45121
scoring_system epss
scoring_elements 0.97618
published_at 2026-05-05T12:55:00Z
4
value 0.45121
scoring_system epss
scoring_elements 0.9761
published_at 2026-04-29T12:55:00Z
5
value 0.45121
scoring_system epss
scoring_elements 0.97607
published_at 2026-04-21T12:55:00Z
6
value 0.45121
scoring_system epss
scoring_elements 0.97606
published_at 2026-04-26T12:55:00Z
7
value 0.45121
scoring_system epss
scoring_elements 0.97598
published_at 2026-04-13T12:55:00Z
8
value 0.45121
scoring_system epss
scoring_elements 0.97597
published_at 2026-04-12T12:55:00Z
9
value 0.45121
scoring_system epss
scoring_elements 0.97595
published_at 2026-04-11T12:55:00Z
10
value 0.45121
scoring_system epss
scoring_elements 0.97593
published_at 2026-04-09T12:55:00Z
11
value 0.45121
scoring_system epss
scoring_elements 0.9759
published_at 2026-04-08T12:55:00Z
12
value 0.45121
scoring_system epss
scoring_elements 0.97584
published_at 2026-04-07T12:55:00Z
13
value 0.45121
scoring_system epss
scoring_elements 0.97581
published_at 2026-04-02T12:55:00Z
14
value 0.45121
scoring_system epss
scoring_elements 0.9764
published_at 2026-05-15T12:55:00Z
15
value 0.45121
scoring_system epss
scoring_elements 0.97575
published_at 2026-04-01T12:55:00Z
16
value 0.45121
scoring_system epss
scoring_elements 0.97639
published_at 2026-05-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
7
reference_url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
8
reference_url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
9
reference_url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
25
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
26
reference_url https://security.netapp.com/advisory/ntap-20200709-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200709-0002
27
reference_url https://security.netapp.com/advisory/ntap-20200709-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200709-0002/
28
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
29
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
30
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
31
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
32
reference_url https://usn.ubuntu.com/4596-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4596-1/
33
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
34
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
35
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
reference_id 1851420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
37
reference_url https://security.archlinux.org/AVG-1196
reference_id AVG-1196
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1196
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
40
reference_url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
reference_id GHSA-53hp-jpwq-2jgq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
41
reference_url https://access.redhat.com/errata/RHSA-2020:5170
reference_id RHSA-2020:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5170
42
reference_url https://access.redhat.com/errata/RHSA-2020:5173
reference_id RHSA-2020:5173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5173
43
reference_url https://access.redhat.com/errata/RHSA-2020:5388
reference_id RHSA-2020:5388
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5388
44
reference_url https://access.redhat.com/errata/RHSA-2021:0292
reference_id RHSA-2021:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0292
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-a8gk-n8bq-87cp
3
vulnerability VCID-ayrd-8ntf-hkh3
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-dzan-r49k-kqab
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-j8tk-s915-pbfy
10
vulnerability VCID-k9cg-ehdw-dbh6
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-n3ab-nk7c-hqc9
13
vulnerability VCID-nmq2-8ysj-4fbc
14
vulnerability VCID-p8q2-pt96-5ye8
15
vulnerability VCID-qkx6-32cj-jfbp
16
vulnerability VCID-ran8-rnqn-tkbc
17
vulnerability VCID-t2ne-75ck-eqcr
18
vulnerability VCID-v7tp-1t4h-zqeg
19
vulnerability VCID-vsdf-4tfj-uybe
20
vulnerability VCID-xqjr-7xfw-mbh2
21
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a8gk-n8bq-87cp
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-dy6m-zt6r-9ubd
6
vulnerability VCID-dzan-r49k-kqab
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-n3ab-nk7c-hqc9
13
vulnerability VCID-nmq2-8ysj-4fbc
14
vulnerability VCID-p8q2-pt96-5ye8
15
vulnerability VCID-qkx6-32cj-jfbp
16
vulnerability VCID-ran8-rnqn-tkbc
17
vulnerability VCID-t2ne-75ck-eqcr
18
vulnerability VCID-v7tp-1t4h-zqeg
19
vulnerability VCID-vsdf-4tfj-uybe
20
vulnerability VCID-xqjr-7xfw-mbh2
21
vulnerability VCID-yrzk-1dbk-muhy
22
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36
aliases CVE-2020-11996, GHSA-53hp-jpwq-2jgq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46bv-6b7y-3bca
2
url VCID-4cag-c4pb-dfaz
vulnerability_id VCID-4cag-c4pb-dfaz
summary 
Improper Resource Shutdown or Release vulnerability in Apache Tomcat.

If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.



This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.

The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
reference_id
reference_type
scores
0
value 0.00089
scoring_system epss
scoring_elements 0.2555
published_at 2026-04-04T12:55:00Z
1
value 0.00089
scoring_system epss
scoring_elements 0.25512
published_at 2026-04-02T12:55:00Z
2
value 0.0012
scoring_system epss
scoring_elements 0.30581
published_at 2026-05-15T12:55:00Z
3
value 0.0012
scoring_system epss
scoring_elements 0.30567
published_at 2026-05-14T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.31557
published_at 2026-05-12T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.32123
published_at 2026-04-08T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.3215
published_at 2026-04-09T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32154
published_at 2026-04-11T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32116
published_at 2026-04-12T12:55:00Z
9
value 0.00127
scoring_system epss
scoring_elements 0.32084
published_at 2026-04-13T12:55:00Z
10
value 0.00127
scoring_system epss
scoring_elements 0.32118
published_at 2026-04-16T12:55:00Z
11
value 0.00127
scoring_system epss
scoring_elements 0.32096
published_at 2026-04-18T12:55:00Z
12
value 0.00127
scoring_system epss
scoring_elements 0.32068
published_at 2026-04-21T12:55:00Z
13
value 0.00127
scoring_system epss
scoring_elements 0.31903
published_at 2026-04-24T12:55:00Z
14
value 0.00127
scoring_system epss
scoring_elements 0.31776
published_at 2026-04-26T12:55:00Z
15
value 0.00127
scoring_system epss
scoring_elements 0.31695
published_at 2026-04-29T12:55:00Z
16
value 0.00127
scoring_system epss
scoring_elements 0.31548
published_at 2026-05-05T12:55:00Z
17
value 0.00127
scoring_system epss
scoring_elements 0.31619
published_at 2026-05-07T12:55:00Z
18
value 0.00127
scoring_system epss
scoring_elements 0.31628
published_at 2026-05-09T12:55:00Z
19
value 0.00127
scoring_system epss
scoring_elements 0.31534
published_at 2026-05-11T12:55:00Z
20
value 0.00138
scoring_system epss
scoring_elements 0.33823
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
5
reference_url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
6
reference_url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
7
reference_url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T18:48:52Z/
url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
8
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
9
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
10
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
11
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/6
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
reference_id 1119293
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
reference_id 1119294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
reference_id 2406588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
17
reference_url https://github.com/advisories/GHSA-hgrr-935x-pq79
reference_id GHSA-hgrr-935x-pq79
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgrr-935x-pq79
18
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
19
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
20
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
21
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
22
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
23
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.110
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.110
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-74tx-sx8a-guhs
2
vulnerability VCID-8e1c-rbkg-v7c2
3
vulnerability VCID-d1fm-vbd1-n7au
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-yrzk-1dbk-muhy
6
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.110
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.47
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.47
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-74tx-sx8a-guhs
2
vulnerability VCID-8e1c-rbkg-v7c2
3
vulnerability VCID-d1fm-vbd1-n7au
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.47
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.12
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-74tx-sx8a-guhs
2
vulnerability VCID-8e1c-rbkg-v7c2
3
vulnerability VCID-d1fm-vbd1-n7au
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-yrzk-1dbk-muhy
6
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.12
aliases CVE-2025-61795, GHSA-hgrr-935x-pq79
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4cag-c4pb-dfaz
3
url VCID-5781-s1ny-q7ey
vulnerability_id VCID-5781-s1ny-q7ey
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json
1
reference_url https://akka.io/security/akka-http-cve-2023-44487.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://akka.io/security/akka-http-cve-2023-44487.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-44487
reference_id
reference_type
scores
0
value 0.94385
scoring_system epss
scoring_elements 0.9997
published_at 2026-04-04T12:55:00Z
1
value 0.94385
scoring_system epss
scoring_elements 0.99971
published_at 2026-04-13T12:55:00Z
2
value 0.94394
scoring_system epss
scoring_elements 0.99974
published_at 2026-05-15T12:55:00Z
3
value 0.94395
scoring_system epss
scoring_elements 0.99974
published_at 2026-04-18T12:55:00Z
4
value 0.94399
scoring_system epss
scoring_elements 0.99976
published_at 2026-05-16T12:55:00Z
5
value 0.944
scoring_system epss
scoring_elements 0.99976
published_at 2026-05-14T12:55:00Z
6
value 0.94445
scoring_system epss
scoring_elements 0.99991
published_at 2026-05-11T12:55:00Z
7
value 0.94446
scoring_system epss
scoring_elements 0.99992
published_at 2026-05-07T12:55:00Z
8
value 0.9446
scoring_system epss
scoring_elements 0.99993
published_at 2026-04-21T12:55:00Z
9
value 0.9446
scoring_system epss
scoring_elements 0.99994
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-44487
3
reference_url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size
4
reference_url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
5
reference_url https://aws.amazon.com/security/security-bulletins/AWS-2023-011
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://aws.amazon.com/security/security-bulletins/AWS-2023-011
6
reference_url https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
7
reference_url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
8
reference_url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
9
reference_url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack
10
reference_url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
11
reference_url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty
12
reference_url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
13
reference_url https://bugzilla.proxmox.com/show_bug.cgi?id=4988
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.proxmox.com/show_bug.cgi?id=4988
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2242803
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2242803
15
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1216123
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1216123
16
reference_url https://cert-portal.siemens.com/productcert/html/ssa-082556.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-082556.html
17
reference_url https://cert-portal.siemens.com/productcert/html/ssa-341067.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-341067.html
18
reference_url https://cert-portal.siemens.com/productcert/html/ssa-832273.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-832273.html
19
reference_url https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
20
reference_url https://chaos.social/@icing/111210915918780532
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://chaos.social/@icing/111210915918780532
21
reference_url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
22
reference_url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
23
reference_url https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
24
reference_url https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752
30
reference_url https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
31
reference_url https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
32
reference_url https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
33
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
34
reference_url https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
35
reference_url https://github.com/akka/akka-http/issues/4323
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/akka/akka-http/issues/4323
36
reference_url https://github.com/akka/akka-http/pull/4324
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/akka/akka-http/pull/4324
37
reference_url https://github.com/akka/akka-http/pull/4325
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/akka/akka-http/pull/4325
38
reference_url https://github.com/alibaba/tengine/issues/1872
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/alibaba/tengine/issues/1872
39
reference_url https://github.com/apache/apisix/issues/10320
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/apisix/issues/10320
40
reference_url https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
41
reference_url https://github.com/apache/httpd-site/pull/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/httpd-site/pull/10
42
reference_url https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a
43
reference_url https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49
44
reference_url https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
45
reference_url https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e
46
reference_url https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
47
reference_url https://github.com/apache/trafficserver/pull/10564
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/trafficserver/pull/10564
48
reference_url https://github.com/apple/swift-nio-http2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apple/swift-nio-http2
49
reference_url https://github.com/Azure/AKS/issues/3947
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/Azure/AKS/issues/3947
50
reference_url https://github.com/caddyserver/caddy/issues/5877
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/caddyserver/caddy/issues/5877
51
reference_url https://github.com/caddyserver/caddy/releases/tag/v2.7.5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/caddyserver/caddy/releases/tag/v2.7.5
52
reference_url https://github.com/dotnet/announcements/issues/277
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/dotnet/announcements/issues/277
53
reference_url https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
54
reference_url https://github.com/eclipse/jetty.project/issues/10679
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/eclipse/jetty.project/issues/10679
55
reference_url https://github.com/envoyproxy/envoy/pull/30055
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/envoyproxy/envoy/pull/30055
56
reference_url https://github.com/etcd-io/etcd/issues/16740
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/etcd-io/etcd/issues/16740
57
reference_url https://github.com/facebook/proxygen/pull/466
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/facebook/proxygen/pull/466
58
reference_url https://github.com/golang/go/issues/63417
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/golang/go/issues/63417
59
reference_url https://github.com/grpc/grpc-go/pull/6703
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/grpc/grpc-go/pull/6703
60
reference_url https://github.com/grpc/grpc-go/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grpc/grpc-go/releases
61
reference_url https://github.com/grpc/grpc/releases/tag/v1.59.2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/grpc/grpc/releases/tag/v1.59.2
62
reference_url https://github.com/h2o/h2o/pull/3291
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/h2o/h2o/pull/3291
63
reference_url https://github.com/haproxy/haproxy/issues/2312
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/haproxy/haproxy/issues/2312
64
reference_url https://github.com/hyperium/hyper/issues/3337
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hyperium/hyper/issues/3337
65
reference_url https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
66
reference_url https://github.com/junkurihara/rust-rpxy/issues/97
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/junkurihara/rust-rpxy/issues/97
67
reference_url https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
68
reference_url https://github.com/kazu-yamamoto/http2/issues/93
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kazu-yamamoto/http2/issues/93
69
reference_url https://github.com/Kong/kong/discussions/11741
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/Kong/kong/discussions/11741
70
reference_url https://github.com/kubernetes/kubernetes/pull/121120
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kubernetes/kubernetes/pull/121120
71
reference_url https://github.com/line/armeria/pull/5232
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/line/armeria/pull/5232
72
reference_url https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
73
reference_url https://github.com/micrictor/http2-rst-stream
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/micrictor/http2-rst-stream
74
reference_url https://github.com/microsoft/CBL-Mariner/pull/6381
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/microsoft/CBL-Mariner/pull/6381
75
reference_url https://github.com/netty/netty
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/netty/netty
76
reference_url https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
77
reference_url https://github.com/nghttp2/nghttp2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2
78
reference_url https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
79
reference_url https://github.com/nghttp2/nghttp2/pull/1961
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nghttp2/nghttp2/pull/1961
80
reference_url https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
81
reference_url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
82
reference_url https://github.com/ninenines/cowboy/issues/1615
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/ninenines/cowboy/issues/1615
83
reference_url https://github.com/nodejs/node/pull/50121
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nodejs/node/pull/50121
84
reference_url https://github.com/openresty/openresty/issues/930
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/openresty/openresty/issues/930
85
reference_url https://github.com/opensearch-project/data-prepper/issues/3474
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/opensearch-project/data-prepper/issues/3474
86
reference_url https://github.com/oqtane/oqtane.framework/discussions/3367
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/oqtane/oqtane.framework/discussions/3367
87
reference_url https://github.com/projectcontour/contour/pull/5826
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/projectcontour/contour/pull/5826
88
reference_url https://github.com/tempesta-tech/tempesta/issues/1986
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/tempesta-tech/tempesta/issues/1986
89
reference_url https://github.com/varnishcache/varnish-cache/issues/3996
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/varnishcache/varnish-cache/issues/3996
90
reference_url https://go.dev/cl/534215
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/534215
91
reference_url https://go.dev/cl/534235
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/534235
92
reference_url https://go.dev/issue/63417
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/63417
93
reference_url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
94
reference_url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ
95
reference_url https://istio.io/latest/news/security/istio-security-2023-004
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://istio.io/latest/news/security/istio-security-2023-004
96
reference_url https://istio.io/latest/news/security/istio-security-2023-004/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://istio.io/latest/news/security/istio-security-2023-004/
97
reference_url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487
98
reference_url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
99
reference_url https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
100
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
101
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
102
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
103
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
104
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
105
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
106
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
107
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
108
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
109
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
110
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
111
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
112
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
113
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
114
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
115
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
116
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
117
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
118
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
119
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
120
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
121
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
122
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
123
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
124
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
125
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
126
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
127
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
128
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
129
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
130
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
131
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
132
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
133
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
134
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
135
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
136
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
137
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
138
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
139
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
140
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
141
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
142
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
143
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
144
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
145
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
146
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
147
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
148
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
149
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
150
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
151
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
152
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
153
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
154
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
155
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
156
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
157
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
158
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
159
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
160
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
161
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
162
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
163
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
164
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
165
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
166
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
167
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
168
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
169
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
170
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
171
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
172
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
173
reference_url https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
174
reference_url https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
175
reference_url https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
176
reference_url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2
177
reference_url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
178
reference_url https://my.f5.com/manage/s/article/K000137106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://my.f5.com/manage/s/article/K000137106
179
reference_url https://netty.io/news/2023/10/10/4-1-100-Final.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://netty.io/news/2023/10/10/4-1-100-Final.html
180
reference_url https://news.ycombinator.com/item?id=37830987
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37830987
181
reference_url https://news.ycombinator.com/item?id=37830998
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37830998
182
reference_url https://news.ycombinator.com/item?id=37831062
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37831062
183
reference_url https://news.ycombinator.com/item?id=37837043
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37837043
184
reference_url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response
185
reference_url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
186
reference_url https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
187
reference_url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ
188
reference_url https://security.gentoo.org/glsa/202311-09
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.gentoo.org/glsa/202311-09
189
reference_url https://security.netapp.com/advisory/ntap-20231016-0001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231016-0001
190
reference_url https://security.netapp.com/advisory/ntap-20231016-0001/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20231016-0001/
191
reference_url https://security.netapp.com/advisory/ntap-20240426-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240426-0007
192
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
193
reference_url https://security.netapp.com/advisory/ntap-20240621-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0007
194
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
195
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12
196
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
197
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81
198
reference_url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records
199
reference_url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
200
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487
201
reference_url https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
202
reference_url https://www.cve.org/CVERecord?id=CVE-2023-44487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cve.org/CVERecord?id=CVE-2023-44487
203
reference_url https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
204
reference_url https://www.debian.org/security/2023/dsa-5521
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5521
205
reference_url https://www.debian.org/security/2023/dsa-5522
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5522
206
reference_url https://www.debian.org/security/2023/dsa-5540
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5540
207
reference_url https://www.debian.org/security/2023/dsa-5549
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5549
208
reference_url https://www.debian.org/security/2023/dsa-5558
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5558
209
reference_url https://www.debian.org/security/2023/dsa-5570
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5570
210
reference_url https://www.eclipse.org/lists/jetty-announce/msg00181.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.eclipse.org/lists/jetty-announce/msg00181.html
211
reference_url https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
212
reference_url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487
213
reference_url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
214
reference_url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products
215
reference_url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
216
reference_url https://www.openwall.com/lists/oss-security/2023/10/10/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.openwall.com/lists/oss-security/2023/10/10/6
217
reference_url https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
218
reference_url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday
219
reference_url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
220
reference_url https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
221
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/10/6
222
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/10/7
223
reference_url http://www.openwall.com/lists/oss-security/2023/10/13/4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/13/4
224
reference_url http://www.openwall.com/lists/oss-security/2023/10/13/9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/13/9
225
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/18/4
226
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/18/8
227
reference_url http://www.openwall.com/lists/oss-security/2023/10/19/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/19/6
228
reference_url http://www.openwall.com/lists/oss-security/2023/10/20/8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/20/8
229
reference_url http://www.openwall.com/lists/oss-security/2025/08/13/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/08/13/6
230
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769
reference_id 1053769
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769
231
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770
reference_id 1053770
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770
232
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801
reference_id 1053801
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801
233
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232
reference_id 1054232
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232
234
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234
reference_id 1054234
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234
235
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156
reference_id 1056156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156
236
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421
reference_id 1074421
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421
237
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
reference_id 2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
238
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id 3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
239
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
reference_id BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
240
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
reference_id CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
241
reference_url https://access.redhat.com/security/cve/cve-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://access.redhat.com/security/cve/cve-2023-44487
242
reference_url https://blog.vespa.ai/cve-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.vespa.ai/cve-2023-44487
243
reference_url https://blog.vespa.ai/cve-2023-44487/
reference_id CVE-2023-44487
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.vespa.ai/cve-2023-44487/
244
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
245
reference_url https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
246
reference_url https://github.com/bcdannyboy/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/bcdannyboy/CVE-2023-44487
247
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py
reference_id CVE-2023-44487
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py
248
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
249
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-44487
250
reference_url https://security.paloaltonetworks.com/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.paloaltonetworks.com/CVE-2023-44487
251
reference_url https://ubuntu.com/security/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://ubuntu.com/security/CVE-2023-44487
252
reference_url https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
reference_id CVE-2023-44487-HTTP-2-RAPID-RESET-ATTACK
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
253
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
254
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
255
reference_url https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
reference_id GHSA-2m7v-gc89-fjqf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
256
reference_url https://github.com/advisories/GHSA-qppj-fm5r-hxr3
reference_id GHSA-qppj-fm5r-hxr3
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-qppj-fm5r-hxr3
257
reference_url https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3
reference_id GHSA-qppj-fm5r-hxr3
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3
258
reference_url https://github.com/advisories/GHSA-vx74-f528-fxqg
reference_id GHSA-vx74-f528-fxqg
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-vx74-f528-fxqg
259
reference_url https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
reference_id GHSA-xpw8-rcwv-8f8p
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
260
reference_url https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
reference_id GHSA-xpw8-rcwv-8f8p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
261
reference_url https://security.gentoo.org/glsa/202408-10
reference_id GLSA-202408-10
reference_type
scores
url https://security.gentoo.org/glsa/202408-10
262
reference_url https://security.gentoo.org/glsa/202412-14
reference_id GLSA-202412-14
reference_type
scores
url https://security.gentoo.org/glsa/202412-14
263
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
264
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
265
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
reference_id KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
266
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
267
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
reference_id LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
268
reference_url https://security.netapp.com/advisory/ntap-20240426-0007/
reference_id ntap-20240426-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20240426-0007/
269
reference_url https://security.netapp.com/advisory/ntap-20240621-0007/
reference_id ntap-20240621-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20240621-0007/
270
reference_url https://access.redhat.com/errata/RHSA-2023:5006
reference_id RHSA-2023:5006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5006
271
reference_url https://access.redhat.com/errata/RHSA-2023:5009
reference_id RHSA-2023:5009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5009
272
reference_url https://access.redhat.com/errata/RHSA-2023:5530
reference_id RHSA-2023:5530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5530
273
reference_url https://access.redhat.com/errata/RHSA-2023:5541
reference_id RHSA-2023:5541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5541
274
reference_url https://access.redhat.com/errata/RHSA-2023:5542
reference_id RHSA-2023:5542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5542
275
reference_url https://access.redhat.com/errata/RHSA-2023:5679
reference_id RHSA-2023:5679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5679
276
reference_url https://access.redhat.com/errata/RHSA-2023:5705
reference_id RHSA-2023:5705
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5705
277
reference_url https://access.redhat.com/errata/RHSA-2023:5706
reference_id RHSA-2023:5706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5706
278
reference_url https://access.redhat.com/errata/RHSA-2023:5707
reference_id RHSA-2023:5707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5707
279
reference_url https://access.redhat.com/errata/RHSA-2023:5708
reference_id RHSA-2023:5708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5708
280
reference_url https://access.redhat.com/errata/RHSA-2023:5709
reference_id RHSA-2023:5709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5709
281
reference_url https://access.redhat.com/errata/RHSA-2023:5710
reference_id RHSA-2023:5710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5710
282
reference_url https://access.redhat.com/errata/RHSA-2023:5711
reference_id RHSA-2023:5711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5711
283
reference_url https://access.redhat.com/errata/RHSA-2023:5712
reference_id RHSA-2023:5712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5712
284
reference_url https://access.redhat.com/errata/RHSA-2023:5713
reference_id RHSA-2023:5713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5713
285
reference_url https://access.redhat.com/errata/RHSA-2023:5714
reference_id RHSA-2023:5714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5714
286
reference_url https://access.redhat.com/errata/RHSA-2023:5715
reference_id RHSA-2023:5715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5715
287
reference_url https://access.redhat.com/errata/RHSA-2023:5716
reference_id RHSA-2023:5716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5716
288
reference_url https://access.redhat.com/errata/RHSA-2023:5717
reference_id RHSA-2023:5717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5717
289
reference_url https://access.redhat.com/errata/RHSA-2023:5719
reference_id RHSA-2023:5719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5719
290
reference_url https://access.redhat.com/errata/RHSA-2023:5720
reference_id RHSA-2023:5720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5720
291
reference_url https://access.redhat.com/errata/RHSA-2023:5721
reference_id RHSA-2023:5721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5721
292
reference_url https://access.redhat.com/errata/RHSA-2023:5724
reference_id RHSA-2023:5724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5724
293
reference_url https://access.redhat.com/errata/RHSA-2023:5738
reference_id RHSA-2023:5738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5738
294
reference_url https://access.redhat.com/errata/RHSA-2023:5749
reference_id RHSA-2023:5749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5749
295
reference_url https://access.redhat.com/errata/RHSA-2023:5764
reference_id RHSA-2023:5764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5764
296
reference_url https://access.redhat.com/errata/RHSA-2023:5765
reference_id RHSA-2023:5765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5765
297
reference_url https://access.redhat.com/errata/RHSA-2023:5766
reference_id RHSA-2023:5766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5766
298
reference_url https://access.redhat.com/errata/RHSA-2023:5767
reference_id RHSA-2023:5767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5767
299
reference_url https://access.redhat.com/errata/RHSA-2023:5768
reference_id RHSA-2023:5768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5768
300
reference_url https://access.redhat.com/errata/RHSA-2023:5769
reference_id RHSA-2023:5769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5769
301
reference_url https://access.redhat.com/errata/RHSA-2023:5770
reference_id RHSA-2023:5770
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5770
302
reference_url https://access.redhat.com/errata/RHSA-2023:5780
reference_id RHSA-2023:5780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5780
303
reference_url https://access.redhat.com/errata/RHSA-2023:5783
reference_id RHSA-2023:5783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5783
304
reference_url https://access.redhat.com/errata/RHSA-2023:5784
reference_id RHSA-2023:5784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5784
305
reference_url https://access.redhat.com/errata/RHSA-2023:5801
reference_id RHSA-2023:5801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5801
306
reference_url https://access.redhat.com/errata/RHSA-2023:5802
reference_id RHSA-2023:5802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5802
307
reference_url https://access.redhat.com/errata/RHSA-2023:5803
reference_id RHSA-2023:5803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5803
308
reference_url https://access.redhat.com/errata/RHSA-2023:5805
reference_id RHSA-2023:5805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5805
309
reference_url https://access.redhat.com/errata/RHSA-2023:5835
reference_id RHSA-2023:5835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5835
310
reference_url https://access.redhat.com/errata/RHSA-2023:5837
reference_id RHSA-2023:5837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5837
311
reference_url https://access.redhat.com/errata/RHSA-2023:5838
reference_id RHSA-2023:5838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5838
312
reference_url https://access.redhat.com/errata/RHSA-2023:5840
reference_id RHSA-2023:5840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5840
313
reference_url https://access.redhat.com/errata/RHSA-2023:5841
reference_id RHSA-2023:5841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5841
314
reference_url https://access.redhat.com/errata/RHSA-2023:5849
reference_id RHSA-2023:5849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5849
315
reference_url https://access.redhat.com/errata/RHSA-2023:5850
reference_id RHSA-2023:5850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5850
316
reference_url https://access.redhat.com/errata/RHSA-2023:5851
reference_id RHSA-2023:5851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5851
317
reference_url https://access.redhat.com/errata/RHSA-2023:5863
reference_id RHSA-2023:5863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5863
318
reference_url https://access.redhat.com/errata/RHSA-2023:5864
reference_id RHSA-2023:5864
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5864
319
reference_url https://access.redhat.com/errata/RHSA-2023:5865
reference_id RHSA-2023:5865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5865
320
reference_url https://access.redhat.com/errata/RHSA-2023:5866
reference_id RHSA-2023:5866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5866
321
reference_url https://access.redhat.com/errata/RHSA-2023:5867
reference_id RHSA-2023:5867
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5867
322
reference_url https://access.redhat.com/errata/RHSA-2023:5869
reference_id RHSA-2023:5869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5869
323
reference_url https://access.redhat.com/errata/RHSA-2023:5896
reference_id RHSA-2023:5896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5896
324
reference_url https://access.redhat.com/errata/RHSA-2023:5902
reference_id RHSA-2023:5902
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5902
325
reference_url https://access.redhat.com/errata/RHSA-2023:5920
reference_id RHSA-2023:5920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5920
326
reference_url https://access.redhat.com/errata/RHSA-2023:5922
reference_id RHSA-2023:5922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5922
327
reference_url https://access.redhat.com/errata/RHSA-2023:5924
reference_id RHSA-2023:5924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5924
328
reference_url https://access.redhat.com/errata/RHSA-2023:5928
reference_id RHSA-2023:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5928
329
reference_url https://access.redhat.com/errata/RHSA-2023:5929
reference_id RHSA-2023:5929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5929
330
reference_url https://access.redhat.com/errata/RHSA-2023:5930
reference_id RHSA-2023:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5930
331
reference_url https://access.redhat.com/errata/RHSA-2023:5931
reference_id RHSA-2023:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5931
332
reference_url https://access.redhat.com/errata/RHSA-2023:5933
reference_id RHSA-2023:5933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5933
333
reference_url https://access.redhat.com/errata/RHSA-2023:5935
reference_id RHSA-2023:5935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5935
334
reference_url https://access.redhat.com/errata/RHSA-2023:5945
reference_id RHSA-2023:5945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5945
335
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
336
reference_url https://access.redhat.com/errata/RHSA-2023:5947
reference_id RHSA-2023:5947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5947
337
reference_url https://access.redhat.com/errata/RHSA-2023:5956
reference_id RHSA-2023:5956
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5956
338
reference_url https://access.redhat.com/errata/RHSA-2023:5964
reference_id RHSA-2023:5964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5964
339
reference_url https://access.redhat.com/errata/RHSA-2023:5965
reference_id RHSA-2023:5965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5965
340
reference_url https://access.redhat.com/errata/RHSA-2023:5967
reference_id RHSA-2023:5967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5967
341
reference_url https://access.redhat.com/errata/RHSA-2023:5969
reference_id RHSA-2023:5969
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5969
342
reference_url https://access.redhat.com/errata/RHSA-2023:5970
reference_id RHSA-2023:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5970
343
reference_url https://access.redhat.com/errata/RHSA-2023:5971
reference_id RHSA-2023:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5971
344
reference_url https://access.redhat.com/errata/RHSA-2023:5973
reference_id RHSA-2023:5973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5973
345
reference_url https://access.redhat.com/errata/RHSA-2023:5974
reference_id RHSA-2023:5974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5974
346
reference_url https://access.redhat.com/errata/RHSA-2023:5976
reference_id RHSA-2023:5976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5976
347
reference_url https://access.redhat.com/errata/RHSA-2023:5978
reference_id RHSA-2023:5978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5978
348
reference_url https://access.redhat.com/errata/RHSA-2023:5979
reference_id RHSA-2023:5979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5979
349
reference_url https://access.redhat.com/errata/RHSA-2023:5980
reference_id RHSA-2023:5980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5980
350
reference_url https://access.redhat.com/errata/RHSA-2023:5982
reference_id RHSA-2023:5982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5982
351
reference_url https://access.redhat.com/errata/RHSA-2023:5989
reference_id RHSA-2023:5989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5989
352
reference_url https://access.redhat.com/errata/RHSA-2023:6020
reference_id RHSA-2023:6020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6020
353
reference_url https://access.redhat.com/errata/RHSA-2023:6021
reference_id RHSA-2023:6021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6021
354
reference_url https://access.redhat.com/errata/RHSA-2023:6022
reference_id RHSA-2023:6022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6022
355
reference_url https://access.redhat.com/errata/RHSA-2023:6023
reference_id RHSA-2023:6023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6023
356
reference_url https://access.redhat.com/errata/RHSA-2023:6030
reference_id RHSA-2023:6030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6030
357
reference_url https://access.redhat.com/errata/RHSA-2023:6031
reference_id RHSA-2023:6031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6031
358
reference_url https://access.redhat.com/errata/RHSA-2023:6039
reference_id RHSA-2023:6039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6039
359
reference_url https://access.redhat.com/errata/RHSA-2023:6040
reference_id RHSA-2023:6040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6040
360
reference_url https://access.redhat.com/errata/RHSA-2023:6041
reference_id RHSA-2023:6041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6041
361
reference_url https://access.redhat.com/errata/RHSA-2023:6042
reference_id RHSA-2023:6042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6042
362
reference_url https://access.redhat.com/errata/RHSA-2023:6048
reference_id RHSA-2023:6048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6048
363
reference_url https://access.redhat.com/errata/RHSA-2023:6057
reference_id RHSA-2023:6057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6057
364
reference_url https://access.redhat.com/errata/RHSA-2023:6059
reference_id RHSA-2023:6059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6059
365
reference_url https://access.redhat.com/errata/RHSA-2023:6061
reference_id RHSA-2023:6061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6061
366
reference_url https://access.redhat.com/errata/RHSA-2023:6077
reference_id RHSA-2023:6077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6077
367
reference_url https://access.redhat.com/errata/RHSA-2023:6079
reference_id RHSA-2023:6079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6079
368
reference_url https://access.redhat.com/errata/RHSA-2023:6080
reference_id RHSA-2023:6080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6080
369
reference_url https://access.redhat.com/errata/RHSA-2023:6084
reference_id RHSA-2023:6084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6084
370
reference_url https://access.redhat.com/errata/RHSA-2023:6105
reference_id RHSA-2023:6105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6105
371
reference_url https://access.redhat.com/errata/RHSA-2023:6106
reference_id RHSA-2023:6106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6106
372
reference_url https://access.redhat.com/errata/RHSA-2023:6114
reference_id RHSA-2023:6114
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6114
373
reference_url https://access.redhat.com/errata/RHSA-2023:6115
reference_id RHSA-2023:6115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6115
374
reference_url https://access.redhat.com/errata/RHSA-2023:6117
reference_id RHSA-2023:6117
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6117
375
reference_url https://access.redhat.com/errata/RHSA-2023:6118
reference_id RHSA-2023:6118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6118
376
reference_url https://access.redhat.com/errata/RHSA-2023:6120
reference_id RHSA-2023:6120
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6120
377
reference_url https://access.redhat.com/errata/RHSA-2023:6129
reference_id RHSA-2023:6129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6129
378
reference_url https://access.redhat.com/errata/RHSA-2023:6137
reference_id RHSA-2023:6137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6137
379
reference_url https://access.redhat.com/errata/RHSA-2023:6144
reference_id RHSA-2023:6144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6144
380
reference_url https://access.redhat.com/errata/RHSA-2023:6154
reference_id RHSA-2023:6154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6154
381
reference_url https://access.redhat.com/errata/RHSA-2023:6161
reference_id RHSA-2023:6161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6161
382
reference_url https://access.redhat.com/errata/RHSA-2023:6165
reference_id RHSA-2023:6165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6165
383
reference_url https://access.redhat.com/errata/RHSA-2023:6179
reference_id RHSA-2023:6179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6179
384
reference_url https://access.redhat.com/errata/RHSA-2023:6217
reference_id RHSA-2023:6217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6217
385
reference_url https://access.redhat.com/errata/RHSA-2023:6233
reference_id RHSA-2023:6233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6233
386
reference_url https://access.redhat.com/errata/RHSA-2023:6235
reference_id RHSA-2023:6235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6235
387
reference_url https://access.redhat.com/errata/RHSA-2023:6239
reference_id RHSA-2023:6239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6239
388
reference_url https://access.redhat.com/errata/RHSA-2023:6248
reference_id RHSA-2023:6248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6248
389
reference_url https://access.redhat.com/errata/RHSA-2023:6251
reference_id RHSA-2023:6251
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6251
390
reference_url https://access.redhat.com/errata/RHSA-2023:6269
reference_id RHSA-2023:6269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6269
391
reference_url https://access.redhat.com/errata/RHSA-2023:6272
reference_id RHSA-2023:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6272
392
reference_url https://access.redhat.com/errata/RHSA-2023:6280
reference_id RHSA-2023:6280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6280
393
reference_url https://access.redhat.com/errata/RHSA-2023:6286
reference_id RHSA-2023:6286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6286
394
reference_url https://access.redhat.com/errata/RHSA-2023:6296
reference_id RHSA-2023:6296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6296
395
reference_url https://access.redhat.com/errata/RHSA-2023:6298
reference_id RHSA-2023:6298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6298
396
reference_url https://access.redhat.com/errata/RHSA-2023:6305
reference_id RHSA-2023:6305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6305
397
reference_url https://access.redhat.com/errata/RHSA-2023:6746
reference_id RHSA-2023:6746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6746
398
reference_url https://access.redhat.com/errata/RHSA-2023:6779
reference_id RHSA-2023:6779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6779
399
reference_url https://access.redhat.com/errata/RHSA-2023:6781
reference_id RHSA-2023:6781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6781
400
reference_url https://access.redhat.com/errata/RHSA-2023:6782
reference_id RHSA-2023:6782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6782
401
reference_url https://access.redhat.com/errata/RHSA-2023:6783
reference_id RHSA-2023:6783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6783
402
reference_url https://access.redhat.com/errata/RHSA-2023:6784
reference_id RHSA-2023:6784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6784
403
reference_url https://access.redhat.com/errata/RHSA-2023:6785
reference_id RHSA-2023:6785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6785
404
reference_url https://access.redhat.com/errata/RHSA-2023:6786
reference_id RHSA-2023:6786
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6786
405
reference_url https://access.redhat.com/errata/RHSA-2023:6787
reference_id RHSA-2023:6787
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6787
406
reference_url https://access.redhat.com/errata/RHSA-2023:6788
reference_id RHSA-2023:6788
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6788
407
reference_url https://access.redhat.com/errata/RHSA-2023:6817
reference_id RHSA-2023:6817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6817
408
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
409
reference_url https://access.redhat.com/errata/RHSA-2023:6832
reference_id RHSA-2023:6832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6832
410
reference_url https://access.redhat.com/errata/RHSA-2023:6836
reference_id RHSA-2023:6836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6836
411
reference_url https://access.redhat.com/errata/RHSA-2023:6837
reference_id RHSA-2023:6837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6837
412
reference_url https://access.redhat.com/errata/RHSA-2023:6839
reference_id RHSA-2023:6839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6839
413
reference_url https://access.redhat.com/errata/RHSA-2023:6840
reference_id RHSA-2023:6840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6840
414
reference_url https://access.redhat.com/errata/RHSA-2023:7198
reference_id RHSA-2023:7198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7198
415
reference_url https://access.redhat.com/errata/RHSA-2023:7205
reference_id RHSA-2023:7205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7205
416
reference_url https://access.redhat.com/errata/RHSA-2023:7215
reference_id RHSA-2023:7215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7215
417
reference_url https://access.redhat.com/errata/RHSA-2023:7218
reference_id RHSA-2023:7218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7218
418
reference_url https://access.redhat.com/errata/RHSA-2023:7288
reference_id RHSA-2023:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7288
419
reference_url https://access.redhat.com/errata/RHSA-2023:7315
reference_id RHSA-2023:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7315
420
reference_url https://access.redhat.com/errata/RHSA-2023:7325
reference_id RHSA-2023:7325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7325
421
reference_url https://access.redhat.com/errata/RHSA-2023:7334
reference_id RHSA-2023:7334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7334
422
reference_url https://access.redhat.com/errata/RHSA-2023:7335
reference_id RHSA-2023:7335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7335
423
reference_url https://access.redhat.com/errata/RHSA-2023:7344
reference_id RHSA-2023:7344
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7344
424
reference_url https://access.redhat.com/errata/RHSA-2023:7345
reference_id RHSA-2023:7345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7345
425
reference_url https://access.redhat.com/errata/RHSA-2023:7481
reference_id RHSA-2023:7481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7481
426
reference_url https://access.redhat.com/errata/RHSA-2023:7482
reference_id RHSA-2023:7482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7482
427
reference_url https://access.redhat.com/errata/RHSA-2023:7483
reference_id RHSA-2023:7483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7483
428
reference_url https://access.redhat.com/errata/RHSA-2023:7484
reference_id RHSA-2023:7484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7484
429
reference_url https://access.redhat.com/errata/RHSA-2023:7486
reference_id RHSA-2023:7486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7486
430
reference_url https://access.redhat.com/errata/RHSA-2023:7488
reference_id RHSA-2023:7488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7488
431
reference_url https://access.redhat.com/errata/RHSA-2023:7521
reference_id RHSA-2023:7521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7521
432
reference_url https://access.redhat.com/errata/RHSA-2023:7522
reference_id RHSA-2023:7522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7522
433
reference_url https://access.redhat.com/errata/RHSA-2023:7555
reference_id RHSA-2023:7555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7555
434
reference_url https://access.redhat.com/errata/RHSA-2023:7587
reference_id RHSA-2023:7587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7587
435
reference_url https://access.redhat.com/errata/RHSA-2023:7610
reference_id RHSA-2023:7610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7610
436
reference_url https://access.redhat.com/errata/RHSA-2023:7682
reference_id RHSA-2023:7682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7682
437
reference_url https://access.redhat.com/errata/RHSA-2023:7687
reference_id RHSA-2023:7687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7687
438
reference_url https://access.redhat.com/errata/RHSA-2023:7699
reference_id RHSA-2023:7699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7699
439
reference_url https://access.redhat.com/errata/RHSA-2023:7703
reference_id RHSA-2023:7703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7703
440
reference_url https://access.redhat.com/errata/RHSA-2023:7704
reference_id RHSA-2023:7704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7704
441
reference_url https://access.redhat.com/errata/RHSA-2023:7741
reference_id RHSA-2023:7741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7741
442
reference_url https://access.redhat.com/errata/RHSA-2024:0269
reference_id RHSA-2024:0269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0269
443
reference_url https://access.redhat.com/errata/RHSA-2024:0302
reference_id RHSA-2024:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0302
444
reference_url https://access.redhat.com/errata/RHSA-2024:0777
reference_id RHSA-2024:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0777
445
reference_url https://access.redhat.com/errata/RHSA-2024:1444
reference_id RHSA-2024:1444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1444
446
reference_url https://access.redhat.com/errata/RHSA-2024:1770
reference_id RHSA-2024:1770
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1770
447
reference_url https://access.redhat.com/errata/RHSA-2024:2633
reference_id RHSA-2024:2633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2633
448
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
449
reference_url https://access.redhat.com/errata/RHSA-2025:16668
reference_id RHSA-2025:16668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16668
450
reference_url https://usn.ubuntu.com/6427-1/
reference_id USN-6427-1
reference_type
scores
url https://usn.ubuntu.com/6427-1/
451
reference_url https://usn.ubuntu.com/6427-2/
reference_id USN-6427-2
reference_type
scores
url https://usn.ubuntu.com/6427-2/
452
reference_url https://usn.ubuntu.com/6438-1/
reference_id USN-6438-1
reference_type
scores
url https://usn.ubuntu.com/6438-1/
453
reference_url https://usn.ubuntu.com/6505-1/
reference_id USN-6505-1
reference_type
scores
url https://usn.ubuntu.com/6505-1/
454
reference_url https://usn.ubuntu.com/6574-1/
reference_id USN-6574-1
reference_type
scores
url https://usn.ubuntu.com/6574-1/
455
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
456
reference_url https://usn.ubuntu.com/6994-1/
reference_id USN-6994-1
reference_type
scores
url https://usn.ubuntu.com/6994-1/
457
reference_url https://usn.ubuntu.com/7067-1/
reference_id USN-7067-1
reference_type
scores
url https://usn.ubuntu.com/7067-1/
458
reference_url https://usn.ubuntu.com/7410-1/
reference_id USN-7410-1
reference_type
scores
url https://usn.ubuntu.com/7410-1/
459
reference_url https://usn.ubuntu.com/7469-1/
reference_id USN-7469-1
reference_type
scores
url https://usn.ubuntu.com/7469-1/
460
reference_url https://usn.ubuntu.com/7469-2/
reference_id USN-7469-2
reference_type
scores
url https://usn.ubuntu.com/7469-2/
461
reference_url https://usn.ubuntu.com/7469-3/
reference_id USN-7469-3
reference_type
scores
url https://usn.ubuntu.com/7469-3/
462
reference_url https://usn.ubuntu.com/7469-4/
reference_id USN-7469-4
reference_type
scores
url https://usn.ubuntu.com/7469-4/
463
reference_url https://usn.ubuntu.com/7892-1/
reference_id USN-7892-1
reference_type
scores
url https://usn.ubuntu.com/7892-1/
464
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
reference_id VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
465
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
reference_id VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
466
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
reference_id WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
467
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
reference_id WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
468
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
469
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
reference_id XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
470
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
reference_id ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
471
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
reference_id ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.94
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.94
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-cfhw-vmcp-y3bc
2
vulnerability VCID-fpgj-82wf-ykbw
3
vulnerability VCID-gyed-x6s8-ybhr
4
vulnerability VCID-vsdf-4tfj-uybe
5
vulnerability VCID-xqjr-7xfw-mbh2
6
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.94
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.81
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.81
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-vsdf-4tfj-uybe
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-yrzk-1dbk-muhy
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.81
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.14
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-vsdf-4tfj-uybe
9
vulnerability VCID-xqjr-7xfw-mbh2
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.14
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M12
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-v7tp-1t4h-zqeg
9
vulnerability VCID-vsdf-4tfj-uybe
10
vulnerability VCID-xqjr-7xfw-mbh2
11
vulnerability VCID-yrzk-1dbk-muhy
12
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M12
aliases CVE-2023-44487, GHSA-2m7v-gc89-fjqf, GHSA-qppj-fm5r-hxr3, GHSA-vx74-f528-fxqg, GHSA-xpw8-rcwv-8f8p, GMS-2023-3377, VSV00013
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-s1ny-q7ey
4
url VCID-5etb-njwf-rfdu
vulnerability_id VCID-5etb-njwf-rfdu
summary 
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core
**Withdrawn:** Duplicate of GHSA-qcxh-w3j9-58qr
references
0
reference_url https://github.com/advisories/GHSA-r53m-pfr5-7v87
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r53m-pfr5-7v87
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0199
reference_id CVE-2019-0199
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0199
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.38
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-39e3-jfbg-s3hk
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-ayrd-8ntf-hkh3
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-dzpn-w4b3-vbcm
10
vulnerability VCID-fpgj-82wf-ykbw
11
vulnerability VCID-gyed-x6s8-ybhr
12
vulnerability VCID-j6cj-ftyd-3ffa
13
vulnerability VCID-j8tk-s915-pbfy
14
vulnerability VCID-k9cg-ehdw-dbh6
15
vulnerability VCID-kwab-3s4q-eka4
16
vulnerability VCID-n3ab-nk7c-hqc9
17
vulnerability VCID-nmq2-8ysj-4fbc
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-ruuh-g3fa-m7d8
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
26
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.38
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.16
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-39e3-jfbg-s3hk
2
vulnerability VCID-46bv-6b7y-3bca
3
vulnerability VCID-4cag-c4pb-dfaz
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-66kh-s6cr-tqf9
6
vulnerability VCID-a8gk-n8bq-87cp
7
vulnerability VCID-ayrd-8ntf-hkh3
8
vulnerability VCID-d1fm-vbd1-n7au
9
vulnerability VCID-dy6m-zt6r-9ubd
10
vulnerability VCID-dzan-r49k-kqab
11
vulnerability VCID-dzpn-w4b3-vbcm
12
vulnerability VCID-e7kd-kk57-mkd6
13
vulnerability VCID-fpgj-82wf-ykbw
14
vulnerability VCID-gyed-x6s8-ybhr
15
vulnerability VCID-j6cj-ftyd-3ffa
16
vulnerability VCID-j8tk-s915-pbfy
17
vulnerability VCID-kwab-3s4q-eka4
18
vulnerability VCID-n3ab-nk7c-hqc9
19
vulnerability VCID-nmq2-8ysj-4fbc
20
vulnerability VCID-qkx6-32cj-jfbp
21
vulnerability VCID-ran8-rnqn-tkbc
22
vulnerability VCID-ruuh-g3fa-m7d8
23
vulnerability VCID-t2ne-75ck-eqcr
24
vulnerability VCID-v7tp-1t4h-zqeg
25
vulnerability VCID-vsdf-4tfj-uybe
26
vulnerability VCID-xqjr-7xfw-mbh2
27
vulnerability VCID-yfx4-4gsc-2kgh
28
vulnerability VCID-yrzk-1dbk-muhy
29
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.16
aliases GHSA-r53m-pfr5-7v87
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5etb-njwf-rfdu
5
url VCID-66kh-s6cr-tqf9
vulnerability_id VCID-66kh-s6cr-tqf9
summary When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html
1
reference_url http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9484.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9484.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9484
reference_id
reference_type
scores
0
value 0.93325
scoring_system epss
scoring_elements 0.99809
published_at 2026-04-13T12:55:00Z
1
value 0.93325
scoring_system epss
scoring_elements 0.99808
published_at 2026-04-09T12:55:00Z
2
value 0.93325
scoring_system epss
scoring_elements 0.99806
published_at 2026-04-02T12:55:00Z
3
value 0.93325
scoring_system epss
scoring_elements 0.99807
published_at 2026-04-04T12:55:00Z
4
value 0.93325
scoring_system epss
scoring_elements 0.99811
published_at 2026-04-18T12:55:00Z
5
value 0.93464
scoring_system epss
scoring_elements 0.99828
published_at 2026-05-16T12:55:00Z
6
value 0.93464
scoring_system epss
scoring_elements 0.99827
published_at 2026-05-14T12:55:00Z
7
value 0.93464
scoring_system epss
scoring_elements 0.99826
published_at 2026-05-11T12:55:00Z
8
value 0.93464
scoring_system epss
scoring_elements 0.99825
published_at 2026-04-24T12:55:00Z
9
value 0.93464
scoring_system epss
scoring_elements 0.99824
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9484
4
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1171928
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1171928
5
reference_url http://seclists.org/fulldisclosure/2020/Jun/6
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2020/Jun/6
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
8
reference_url https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222
9
reference_url https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222.patch
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222.patch
10
reference_url https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
11
reference_url https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06
12
reference_url https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4
13
reference_url https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
14
reference_url https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
15
reference_url https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b
16
reference_url https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f
17
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10332
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10332
18
reference_url https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r7bc247fffcb1d58415215c861d2354bd653c86266230d78a93c71ae2@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc247fffcb1d58415215c861d2354bd653c86266230d78a93c71ae2@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r8dd19c514face6dd85fd4eab0271854883f40c7307926c1f7cd5400c@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8dd19c514face6dd85fd4eab0271854883f40c7307926c1f7cd5400c@%3Ccommits.tomee.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/raa4123e472175bb052fbba165d37187cea923f755e8f3f30d124cb3f@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raa4123e472175bb052fbba165d37187cea923f755e8f3f30d124cb3f@%3Ccommits.tomee.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rc1778b38e74b5b6142414d57623bd55b023a72361f422836782fca3c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc1778b38e74b5b6142414d57623bd55b023a72361f422836782fca3c@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rc8473b08abdf3c16494ed817bec1717a0ee0c8080315bc27db5f21c3@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc8473b08abdf3c16494ed817bec1717a0ee0c8080315bc27db5f21c3@%3Ccommits.tomee.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926@%3Cusers.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E
37
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00020.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/05/msg00020.html
38
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
39
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIQHXENTLYUNOES4LXVNJ2NCUQQRF5VJ
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIQHXENTLYUNOES4LXVNJ2NCUQQRF5VJ
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJ7XHKWJWDNWXUJH6UB7CLIW4TWOZ26N
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJ7XHKWJWDNWXUJH6UB7CLIW4TWOZ26N
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9484
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9484
43
reference_url https://security.gentoo.org/glsa/202006-21
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202006-21
44
reference_url https://security.netapp.com/advisory/ntap-20200528-0005
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200528-0005
45
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
46
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
47
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
48
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
49
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
50
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
51
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
52
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
53
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
54
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
55
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
56
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
57
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
58
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
59
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
60
reference_url http://www.openwall.com/lists/oss-security/2021/03/01/2
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/03/01/2
61
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1838332
reference_id 1838332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1838332
62
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209
reference_id 961209
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209
63
reference_url https://security.archlinux.org/ASA-202006-7
reference_id ASA-202006-7
reference_type
scores
url https://security.archlinux.org/ASA-202006-7
64
reference_url https://security.archlinux.org/AVG-1171
reference_id AVG-1171
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1171
65
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484
reference_id CVE-2020-9484
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
1
value Important
scoring_system apache_tomcat
scoring_elements
2
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484
66
reference_url https://github.com/advisories/GHSA-344f-f5vg-2jfj
reference_id GHSA-344f-f5vg-2jfj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-344f-f5vg-2jfj
67
reference_url https://access.redhat.com/errata/RHSA-2020:2483
reference_id RHSA-2020:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2483
68
reference_url https://access.redhat.com/errata/RHSA-2020:2487
reference_id RHSA-2020:2487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2487
69
reference_url https://access.redhat.com/errata/RHSA-2020:2506
reference_id RHSA-2020:2506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2506
70
reference_url https://access.redhat.com/errata/RHSA-2020:2509
reference_id RHSA-2020:2509
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2509
71
reference_url https://access.redhat.com/errata/RHSA-2020:2529
reference_id RHSA-2020:2529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2529
72
reference_url https://access.redhat.com/errata/RHSA-2020:2530
reference_id RHSA-2020:2530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2530
73
reference_url https://access.redhat.com/errata/RHSA-2020:3017
reference_id RHSA-2020:3017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3017
74
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
75
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
76
reference_url https://usn.ubuntu.com/6908-1/
reference_id USN-6908-1
reference_type
scores
url https://usn.ubuntu.com/6908-1/
77
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a8gk-n8bq-87cp
4
vulnerability VCID-ayrd-8ntf-hkh3
5
vulnerability VCID-dy6m-zt6r-9ubd
6
vulnerability VCID-dzan-r49k-kqab
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-k9cg-ehdw-dbh6
12
vulnerability VCID-kwab-3s4q-eka4
13
vulnerability VCID-n3ab-nk7c-hqc9
14
vulnerability VCID-nmq2-8ysj-4fbc
15
vulnerability VCID-p8q2-pt96-5ye8
16
vulnerability VCID-qkx6-32cj-jfbp
17
vulnerability VCID-ran8-rnqn-tkbc
18
vulnerability VCID-t2ne-75ck-eqcr
19
vulnerability VCID-v7tp-1t4h-zqeg
20
vulnerability VCID-vsdf-4tfj-uybe
21
vulnerability VCID-xqjr-7xfw-mbh2
22
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-fpgj-82wf-ykbw
9
vulnerability VCID-gyed-x6s8-ybhr
10
vulnerability VCID-j6cj-ftyd-3ffa
11
vulnerability VCID-j8tk-s915-pbfy
12
vulnerability VCID-kwab-3s4q-eka4
13
vulnerability VCID-n3ab-nk7c-hqc9
14
vulnerability VCID-nmq2-8ysj-4fbc
15
vulnerability VCID-p8q2-pt96-5ye8
16
vulnerability VCID-qkx6-32cj-jfbp
17
vulnerability VCID-ran8-rnqn-tkbc
18
vulnerability VCID-t2ne-75ck-eqcr
19
vulnerability VCID-v7tp-1t4h-zqeg
20
vulnerability VCID-vsdf-4tfj-uybe
21
vulnerability VCID-xqjr-7xfw-mbh2
22
vulnerability VCID-yrzk-1dbk-muhy
23
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8gk-n8bq-87cp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5
aliases CVE-2020-9484, GHSA-344f-f5vg-2jfj
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66kh-s6cr-tqf9
6
url VCID-a8gk-n8bq-87cp
vulnerability_id VCID-a8gk-n8bq-87cp
summary When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
reference_id
reference_type
scores
0
value 0.52591
scoring_system epss
scoring_elements 0.97947
published_at 2026-04-21T12:55:00Z
1
value 0.52591
scoring_system epss
scoring_elements 0.9794
published_at 2026-04-12T12:55:00Z
2
value 0.52591
scoring_system epss
scoring_elements 0.97938
published_at 2026-04-11T12:55:00Z
3
value 0.52591
scoring_system epss
scoring_elements 0.97935
published_at 2026-04-09T12:55:00Z
4
value 0.52591
scoring_system epss
scoring_elements 0.97932
published_at 2026-04-08T12:55:00Z
5
value 0.52591
scoring_system epss
scoring_elements 0.97927
published_at 2026-04-07T12:55:00Z
6
value 0.52591
scoring_system epss
scoring_elements 0.97924
published_at 2026-04-04T12:55:00Z
7
value 0.52591
scoring_system epss
scoring_elements 0.97922
published_at 2026-04-02T12:55:00Z
8
value 0.52591
scoring_system epss
scoring_elements 0.97919
published_at 2026-04-01T12:55:00Z
9
value 0.52591
scoring_system epss
scoring_elements 0.9796
published_at 2026-05-09T12:55:00Z
10
value 0.52591
scoring_system epss
scoring_elements 0.97956
published_at 2026-05-07T12:55:00Z
11
value 0.52591
scoring_system epss
scoring_elements 0.97959
published_at 2026-05-05T12:55:00Z
12
value 0.52591
scoring_system epss
scoring_elements 0.97953
published_at 2026-04-29T12:55:00Z
13
value 0.52591
scoring_system epss
scoring_elements 0.97948
published_at 2026-04-26T12:55:00Z
14
value 0.52591
scoring_system epss
scoring_elements 0.97946
published_at 2026-04-24T12:55:00Z
15
value 0.52591
scoring_system epss
scoring_elements 0.97949
published_at 2026-04-18T12:55:00Z
16
value 0.52591
scoring_system epss
scoring_elements 0.97941
published_at 2026-04-13T12:55:00Z
17
value 0.5976
scoring_system epss
scoring_elements 0.98281
published_at 2026-05-16T12:55:00Z
18
value 0.5976
scoring_system epss
scoring_elements 0.98278
published_at 2026-05-11T12:55:00Z
19
value 0.5976
scoring_system epss
scoring_elements 0.98283
published_at 2026-05-15T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
5
reference_url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
6
reference_url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
7
reference_url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
8
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
18
reference_url https://security.netapp.com/advisory/ntap-20210212-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210212-0008
19
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
20
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
21
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
22
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
23
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
24
reference_url http://www.openwall.com/lists/oss-security/2021/01/14/1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/01/14/1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
reference_id 1917209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
26
reference_url https://security.archlinux.org/AVG-1452
reference_id AVG-1452
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1452
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
reference_id CVE-2021-24122
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
28
reference_url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
reference_id GHSA-2rvv-w9r2-rg7m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
29
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
30
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
31
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
32
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-j6cj-ftyd-3ffa
8
vulnerability VCID-j8tk-s915-pbfy
9
vulnerability VCID-k9cg-ehdw-dbh6
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-n3ab-nk7c-hqc9
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-t2ne-75ck-eqcr
16
vulnerability VCID-v7tp-1t4h-zqeg
17
vulnerability VCID-vsdf-4tfj-uybe
18
vulnerability VCID-wptr-hkjx-s7c3
19
vulnerability VCID-xqjr-7xfw-mbh2
20
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-n3ab-nk7c-hqc9
13
vulnerability VCID-nmq2-8ysj-4fbc
14
vulnerability VCID-p8q2-pt96-5ye8
15
vulnerability VCID-qkx6-32cj-jfbp
16
vulnerability VCID-stds-vw5z-auhp
17
vulnerability VCID-t2ne-75ck-eqcr
18
vulnerability VCID-v7tp-1t4h-zqeg
19
vulnerability VCID-vsdf-4tfj-uybe
20
vulnerability VCID-wptr-hkjx-s7c3
21
vulnerability VCID-xqjr-7xfw-mbh2
22
vulnerability VCID-yrzk-1dbk-muhy
23
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10
aliases CVE-2021-24122, GHSA-2rvv-w9r2-rg7m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8gk-n8bq-87cp
7
url VCID-ayrd-8ntf-hkh3
vulnerability_id VCID-ayrd-8ntf-hkh3
summary If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause the a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returned to the wrong use and/or other errors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25762
reference_id
reference_type
scores
0
value 0.00646
scoring_system epss
scoring_elements 0.70921
published_at 2026-05-16T12:55:00Z
1
value 0.00646
scoring_system epss
scoring_elements 0.70696
published_at 2026-04-13T12:55:00Z
2
value 0.00646
scoring_system epss
scoring_elements 0.70742
published_at 2026-04-16T12:55:00Z
3
value 0.00646
scoring_system epss
scoring_elements 0.70749
published_at 2026-04-18T12:55:00Z
4
value 0.00646
scoring_system epss
scoring_elements 0.70727
published_at 2026-04-21T12:55:00Z
5
value 0.00646
scoring_system epss
scoring_elements 0.7078
published_at 2026-04-24T12:55:00Z
6
value 0.00646
scoring_system epss
scoring_elements 0.7079
published_at 2026-04-29T12:55:00Z
7
value 0.00646
scoring_system epss
scoring_elements 0.70773
published_at 2026-05-05T12:55:00Z
8
value 0.00646
scoring_system epss
scoring_elements 0.70814
published_at 2026-05-07T12:55:00Z
9
value 0.00646
scoring_system epss
scoring_elements 0.7085
published_at 2026-05-09T12:55:00Z
10
value 0.00646
scoring_system epss
scoring_elements 0.70815
published_at 2026-05-11T12:55:00Z
11
value 0.00646
scoring_system epss
scoring_elements 0.70843
published_at 2026-05-12T12:55:00Z
12
value 0.00646
scoring_system epss
scoring_elements 0.70897
published_at 2026-05-14T12:55:00Z
13
value 0.00646
scoring_system epss
scoring_elements 0.70908
published_at 2026-05-15T12:55:00Z
14
value 0.00646
scoring_system epss
scoring_elements 0.70648
published_at 2026-04-02T12:55:00Z
15
value 0.00646
scoring_system epss
scoring_elements 0.70667
published_at 2026-04-04T12:55:00Z
16
value 0.00646
scoring_system epss
scoring_elements 0.70644
published_at 2026-04-07T12:55:00Z
17
value 0.00646
scoring_system epss
scoring_elements 0.70689
published_at 2026-04-08T12:55:00Z
18
value 0.00646
scoring_system epss
scoring_elements 0.70705
published_at 2026-04-09T12:55:00Z
19
value 0.00646
scoring_system epss
scoring_elements 0.70728
published_at 2026-04-11T12:55:00Z
20
value 0.00646
scoring_system epss
scoring_elements 0.70711
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25762
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
5
reference_url https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
6
reference_url https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
7
reference_url https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
8
reference_url https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
9
reference_url https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c
10
reference_url https://security.netapp.com/advisory/ntap-20220629-0003
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220629-0003
11
reference_url https://security.netapp.com/advisory/ntap-20220629-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220629-0003/
12
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2085304
reference_id 2085304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2085304
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762
reference_id CVE-2022-25762
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25762
reference_id CVE-2022-25762
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25762
16
reference_url https://github.com/advisories/GHSA-h3ch-5pp2-vh6w
reference_id GHSA-h3ch-5pp2-vh6w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h3ch-5pp2-vh6w
17
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-cfhw-vmcp-y3bc
3
vulnerability VCID-fpgj-82wf-ykbw
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-j6cj-ftyd-3ffa
6
vulnerability VCID-j8tk-s915-pbfy
7
vulnerability VCID-nmq2-8ysj-4fbc
8
vulnerability VCID-p8q2-pt96-5ye8
9
vulnerability VCID-qkx6-32cj-jfbp
10
vulnerability VCID-v7tp-1t4h-zqeg
11
vulnerability VCID-vsdf-4tfj-uybe
12
vulnerability VCID-xqjr-7xfw-mbh2
13
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-dzpn-w4b3-vbcm
10
vulnerability VCID-e7kd-kk57-mkd6
11
vulnerability VCID-fpgj-82wf-ykbw
12
vulnerability VCID-gyed-x6s8-ybhr
13
vulnerability VCID-j6cj-ftyd-3ffa
14
vulnerability VCID-j8tk-s915-pbfy
15
vulnerability VCID-kwab-3s4q-eka4
16
vulnerability VCID-n3ab-nk7c-hqc9
17
vulnerability VCID-nmq2-8ysj-4fbc
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-ruuh-g3fa-m7d8
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
26
vulnerability VCID-yrzk-1dbk-muhy
27
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20
aliases CVE-2022-25762, GHSA-h3ch-5pp2-vh6w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ayrd-8ntf-hkh3
8
url VCID-dy6m-zt6r-9ubd
vulnerability_id VCID-dy6m-zt6r-9ubd
summary Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.27751
published_at 2026-05-16T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.27772
published_at 2026-05-15T12:55:00Z
2
value 0.00103
scoring_system epss
scoring_elements 0.27753
published_at 2026-05-14T12:55:00Z
3
value 0.00103
scoring_system epss
scoring_elements 0.27675
published_at 2026-05-12T12:55:00Z
4
value 0.00103
scoring_system epss
scoring_elements 0.27659
published_at 2026-05-11T12:55:00Z
5
value 0.00103
scoring_system epss
scoring_elements 0.2774
published_at 2026-05-09T12:55:00Z
6
value 0.00103
scoring_system epss
scoring_elements 0.27718
published_at 2026-05-07T12:55:00Z
7
value 0.00103
scoring_system epss
scoring_elements 0.27655
published_at 2026-05-05T12:55:00Z
8
value 0.00103
scoring_system epss
scoring_elements 0.28133
published_at 2026-04-07T12:55:00Z
9
value 0.00103
scoring_system epss
scoring_elements 0.28242
published_at 2026-04-09T12:55:00Z
10
value 0.00103
scoring_system epss
scoring_elements 0.28227
published_at 2026-04-01T12:55:00Z
11
value 0.00103
scoring_system epss
scoring_elements 0.28298
published_at 2026-04-02T12:55:00Z
12
value 0.00103
scoring_system epss
scoring_elements 0.28342
published_at 2026-04-04T12:55:00Z
13
value 0.00103
scoring_system epss
scoring_elements 0.28199
published_at 2026-04-08T12:55:00Z
14
value 0.00103
scoring_system epss
scoring_elements 0.28098
published_at 2026-04-21T12:55:00Z
15
value 0.00103
scoring_system epss
scoring_elements 0.28141
published_at 2026-04-18T12:55:00Z
16
value 0.00103
scoring_system epss
scoring_elements 0.2816
published_at 2026-04-16T12:55:00Z
17
value 0.00103
scoring_system epss
scoring_elements 0.28148
published_at 2026-04-13T12:55:00Z
18
value 0.00103
scoring_system epss
scoring_elements 0.28206
published_at 2026-04-12T12:55:00Z
19
value 0.00103
scoring_system epss
scoring_elements 0.28249
published_at 2026-04-11T12:55:00Z
20
value 0.00112
scoring_system epss
scoring_elements 0.29419
published_at 2026-04-26T12:55:00Z
21
value 0.00112
scoring_system epss
scoring_elements 0.29532
published_at 2026-04-24T12:55:00Z
22
value 0.00112
scoring_system epss
scoring_elements 0.29355
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
5
reference_url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
6
reference_url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
7
reference_url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
11
reference_url https://security.netapp.com/advisory/ntap-20211008-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211008-0005
12
reference_url https://security.netapp.com/advisory/ntap-20211008-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211008-0005/
13
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
reference_id 2004820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
reference_id CVE-2021-41079
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
reference_id CVE-2021-41079
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
17
reference_url https://github.com/advisories/GHSA-59g9-7gfx-c72p
reference_id GHSA-59g9-7gfx-c72p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59g9-7gfx-c72p
18
reference_url https://access.redhat.com/errata/RHSA-2021:3741
reference_id RHSA-2021:3741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3741
19
reference_url https://access.redhat.com/errata/RHSA-2021:3743
reference_id RHSA-2021:3743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3743
20
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
21
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
22
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
23
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-j6cj-ftyd-3ffa
7
vulnerability VCID-j8tk-s915-pbfy
8
vulnerability VCID-kwab-3s4q-eka4
9
vulnerability VCID-nmq2-8ysj-4fbc
10
vulnerability VCID-p8q2-pt96-5ye8
11
vulnerability VCID-qkx6-32cj-jfbp
12
vulnerability VCID-v7tp-1t4h-zqeg
13
vulnerability VCID-vsdf-4tfj-uybe
14
vulnerability VCID-wptr-hkjx-s7c3
15
vulnerability VCID-xqjr-7xfw-mbh2
16
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-j8tk-s915-pbfy
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-nmq2-8ysj-4fbc
12
vulnerability VCID-p8q2-pt96-5ye8
13
vulnerability VCID-qkx6-32cj-jfbp
14
vulnerability VCID-stds-vw5z-auhp
15
vulnerability VCID-v7tp-1t4h-zqeg
16
vulnerability VCID-vsdf-4tfj-uybe
17
vulnerability VCID-wptr-hkjx-s7c3
18
vulnerability VCID-xqjr-7xfw-mbh2
19
vulnerability VCID-yrzk-1dbk-muhy
20
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-j8tk-s915-pbfy
2
vulnerability VCID-kwab-3s4q-eka4
3
vulnerability VCID-nmq2-8ysj-4fbc
4
vulnerability VCID-p8q2-pt96-5ye8
5
vulnerability VCID-qkx6-32cj-jfbp
6
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4
aliases CVE-2021-41079, GHSA-59g9-7gfx-c72p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dy6m-zt6r-9ubd
9
url VCID-dzan-r49k-kqab
vulnerability_id VCID-dzan-r49k-kqab
summary An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
reference_id
reference_type
scores
0
value 0.2338
scoring_system epss
scoring_elements 0.96
published_at 2026-05-11T12:55:00Z
1
value 0.2338
scoring_system epss
scoring_elements 0.95996
published_at 2026-05-09T12:55:00Z
2
value 0.2338
scoring_system epss
scoring_elements 0.95993
published_at 2026-05-07T12:55:00Z
3
value 0.2338
scoring_system epss
scoring_elements 0.95988
published_at 2026-05-05T12:55:00Z
4
value 0.2338
scoring_system epss
scoring_elements 0.95978
published_at 2026-04-29T12:55:00Z
5
value 0.2338
scoring_system epss
scoring_elements 0.95979
published_at 2026-04-24T12:55:00Z
6
value 0.2338
scoring_system epss
scoring_elements 0.95977
published_at 2026-04-18T12:55:00Z
7
value 0.2338
scoring_system epss
scoring_elements 0.95972
published_at 2026-04-16T12:55:00Z
8
value 0.2338
scoring_system epss
scoring_elements 0.95961
published_at 2026-04-13T12:55:00Z
9
value 0.2338
scoring_system epss
scoring_elements 0.95956
published_at 2026-04-09T12:55:00Z
10
value 0.2338
scoring_system epss
scoring_elements 0.95953
published_at 2026-04-08T12:55:00Z
11
value 0.2338
scoring_system epss
scoring_elements 0.95944
published_at 2026-04-07T12:55:00Z
12
value 0.2338
scoring_system epss
scoring_elements 0.9594
published_at 2026-04-04T12:55:00Z
13
value 0.2338
scoring_system epss
scoring_elements 0.95932
published_at 2026-04-02T12:55:00Z
14
value 0.2338
scoring_system epss
scoring_elements 0.95959
published_at 2026-04-12T12:55:00Z
15
value 0.2338
scoring_system epss
scoring_elements 0.9602
published_at 2026-05-16T12:55:00Z
16
value 0.2338
scoring_system epss
scoring_elements 0.96018
published_at 2026-05-15T12:55:00Z
17
value 0.2338
scoring_system epss
scoring_elements 0.96017
published_at 2026-05-14T12:55:00Z
18
value 0.2338
scoring_system epss
scoring_elements 0.96004
published_at 2026-05-12T12:55:00Z
19
value 0.2338
scoring_system epss
scoring_elements 0.95925
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
6
reference_url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
7
reference_url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
8
reference_url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
11
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
12
reference_url https://security.netapp.com/advisory/ntap-20200724-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200724-0003/
13
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
14
reference_url https://usn.ubuntu.com/4596-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4596-1/
15
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
16
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
17
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
18
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
19
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
20
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
reference_id 1857040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
22
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
25
reference_url https://github.com/advisories/GHSA-vf77-8h7g-gghp
reference_id GHSA-vf77-8h7g-gghp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf77-8h7g-gghp
26
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
27
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
28
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-a8gk-n8bq-87cp
3
vulnerability VCID-ayrd-8ntf-hkh3
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-j6cj-ftyd-3ffa
8
vulnerability VCID-j8tk-s915-pbfy
9
vulnerability VCID-k9cg-ehdw-dbh6
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-n3ab-nk7c-hqc9
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-ran8-rnqn-tkbc
16
vulnerability VCID-t2ne-75ck-eqcr
17
vulnerability VCID-v7tp-1t4h-zqeg
18
vulnerability VCID-vsdf-4tfj-uybe
19
vulnerability VCID-xqjr-7xfw-mbh2
20
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a8gk-n8bq-87cp
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-dy6m-zt6r-9ubd
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-j8tk-s915-pbfy
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-n3ab-nk7c-hqc9
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-ran8-rnqn-tkbc
16
vulnerability VCID-t2ne-75ck-eqcr
17
vulnerability VCID-v7tp-1t4h-zqeg
18
vulnerability VCID-vsdf-4tfj-uybe
19
vulnerability VCID-xqjr-7xfw-mbh2
20
vulnerability VCID-yrzk-1dbk-muhy
21
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-dy6m-zt6r-9ubd
2
vulnerability VCID-j8tk-s915-pbfy
3
vulnerability VCID-kwab-3s4q-eka4
4
vulnerability VCID-nmq2-8ysj-4fbc
5
vulnerability VCID-p8q2-pt96-5ye8
6
vulnerability VCID-qkx6-32cj-jfbp
7
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
aliases CVE-2020-13934, GHSA-vf77-8h7g-gghp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzan-r49k-kqab
10
url VCID-dzpn-w4b3-vbcm
vulnerability_id VCID-dzpn-w4b3-vbcm
summary When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17563
reference_id
reference_type
scores
0
value 0.0326
scoring_system epss
scoring_elements 0.87154
published_at 2026-04-21T12:55:00Z
1
value 0.0326
scoring_system epss
scoring_elements 0.87142
published_at 2026-04-12T12:55:00Z
2
value 0.0326
scoring_system epss
scoring_elements 0.87148
published_at 2026-04-11T12:55:00Z
3
value 0.0326
scoring_system epss
scoring_elements 0.87135
published_at 2026-04-09T12:55:00Z
4
value 0.0326
scoring_system epss
scoring_elements 0.87127
published_at 2026-04-08T12:55:00Z
5
value 0.0326
scoring_system epss
scoring_elements 0.87107
published_at 2026-04-07T12:55:00Z
6
value 0.0326
scoring_system epss
scoring_elements 0.87114
published_at 2026-04-04T12:55:00Z
7
value 0.0326
scoring_system epss
scoring_elements 0.87097
published_at 2026-04-02T12:55:00Z
8
value 0.0326
scoring_system epss
scoring_elements 0.87086
published_at 2026-04-01T12:55:00Z
9
value 0.0326
scoring_system epss
scoring_elements 0.87245
published_at 2026-05-12T12:55:00Z
10
value 0.0326
scoring_system epss
scoring_elements 0.87231
published_at 2026-05-11T12:55:00Z
11
value 0.0326
scoring_system epss
scoring_elements 0.87236
published_at 2026-05-09T12:55:00Z
12
value 0.0326
scoring_system epss
scoring_elements 0.87217
published_at 2026-05-07T12:55:00Z
13
value 0.0326
scoring_system epss
scoring_elements 0.872
published_at 2026-05-05T12:55:00Z
14
value 0.0326
scoring_system epss
scoring_elements 0.8718
published_at 2026-04-29T12:55:00Z
15
value 0.0326
scoring_system epss
scoring_elements 0.87179
published_at 2026-04-26T12:55:00Z
16
value 0.0326
scoring_system epss
scoring_elements 0.87173
published_at 2026-04-24T12:55:00Z
17
value 0.0326
scoring_system epss
scoring_elements 0.87159
published_at 2026-04-18T12:55:00Z
18
value 0.0326
scoring_system epss
scoring_elements 0.87138
published_at 2026-04-13T12:55:00Z
19
value 0.04359
scoring_system epss
scoring_elements 0.89041
published_at 2026-05-14T12:55:00Z
20
value 0.04359
scoring_system epss
scoring_elements 0.89049
published_at 2026-05-16T12:55:00Z
21
value 0.04359
scoring_system epss
scoring_elements 0.89051
published_at 2026-05-15T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17563
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
6
reference_url https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
7
reference_url https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E
14
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
15
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17563
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17563
17
reference_url https://seclists.org/bugtraq/2019/Dec/43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Dec/43
18
reference_url https://security.gentoo.org/glsa/202003-43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202003-43
19
reference_url https://security.netapp.com/advisory/ntap-20200107-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200107-0001
20
reference_url https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200107-0001/
21
reference_url https://usn.ubuntu.com/4251-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4251-1
22
reference_url https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4251-1/
23
reference_url https://www.debian.org/security/2019/dsa-4596
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4596
24
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4680
25
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
26
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
27
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1785711
reference_id 1785711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1785711
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563
reference_id CVE-2019-17563
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563
30
reference_url https://github.com/advisories/GHSA-9xcj-c8cr-8c3c
reference_id GHSA-9xcj-c8cr-8c3c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9xcj-c8cr-8c3c
31
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
32
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
33
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
34
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
35
reference_url https://access.redhat.com/errata/RHSA-2020:4004
reference_id RHSA-2020:4004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4004
36
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
37
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-66kh-s6cr-tqf9
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-ayrd-8ntf-hkh3
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-fpgj-82wf-ykbw
9
vulnerability VCID-gyed-x6s8-ybhr
10
vulnerability VCID-j6cj-ftyd-3ffa
11
vulnerability VCID-j8tk-s915-pbfy
12
vulnerability VCID-k9cg-ehdw-dbh6
13
vulnerability VCID-kwab-3s4q-eka4
14
vulnerability VCID-n3ab-nk7c-hqc9
15
vulnerability VCID-nmq2-8ysj-4fbc
16
vulnerability VCID-p8q2-pt96-5ye8
17
vulnerability VCID-qkx6-32cj-jfbp
18
vulnerability VCID-ran8-rnqn-tkbc
19
vulnerability VCID-rq42-qvsy-hue6
20
vulnerability VCID-t2ne-75ck-eqcr
21
vulnerability VCID-v7tp-1t4h-zqeg
22
vulnerability VCID-vsdf-4tfj-uybe
23
vulnerability VCID-xqjr-7xfw-mbh2
24
vulnerability VCID-yfx4-4gsc-2kgh
25
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-e7kd-kk57-mkd6
10
vulnerability VCID-fpgj-82wf-ykbw
11
vulnerability VCID-gyed-x6s8-ybhr
12
vulnerability VCID-j6cj-ftyd-3ffa
13
vulnerability VCID-j8tk-s915-pbfy
14
vulnerability VCID-kwab-3s4q-eka4
15
vulnerability VCID-n3ab-nk7c-hqc9
16
vulnerability VCID-nmq2-8ysj-4fbc
17
vulnerability VCID-p8q2-pt96-5ye8
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-rq42-qvsy-hue6
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
26
vulnerability VCID-yrzk-1dbk-muhy
27
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30
aliases CVE-2019-17563, GHSA-9xcj-c8cr-8c3c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzpn-w4b3-vbcm
11
url VCID-fpgj-82wf-ykbw
vulnerability_id VCID-fpgj-82wf-ykbw
summary 
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106.
The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.0 through 8.5.100. Other EOL versions may also be affected.


Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53506.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53506.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-53506
reference_id
reference_type
scores
0
value 0.00324
scoring_system epss
scoring_elements 0.55445
published_at 2026-04-04T12:55:00Z
1
value 0.00324
scoring_system epss
scoring_elements 0.5542
published_at 2026-04-02T12:55:00Z
2
value 0.00429
scoring_system epss
scoring_elements 0.6252
published_at 2026-04-24T12:55:00Z
3
value 0.00429
scoring_system epss
scoring_elements 0.6251
published_at 2026-04-21T12:55:00Z
4
value 0.00429
scoring_system epss
scoring_elements 0.62527
published_at 2026-04-18T12:55:00Z
5
value 0.00429
scoring_system epss
scoring_elements 0.62425
published_at 2026-04-07T12:55:00Z
6
value 0.00429
scoring_system epss
scoring_elements 0.62476
published_at 2026-04-08T12:55:00Z
7
value 0.00429
scoring_system epss
scoring_elements 0.62492
published_at 2026-04-09T12:55:00Z
8
value 0.00429
scoring_system epss
scoring_elements 0.62511
published_at 2026-04-11T12:55:00Z
9
value 0.00429
scoring_system epss
scoring_elements 0.625
published_at 2026-04-12T12:55:00Z
10
value 0.00429
scoring_system epss
scoring_elements 0.62478
published_at 2026-04-13T12:55:00Z
11
value 0.00446
scoring_system epss
scoring_elements 0.63498
published_at 2026-04-26T12:55:00Z
12
value 0.00446
scoring_system epss
scoring_elements 0.63467
published_at 2026-05-05T12:55:00Z
13
value 0.00446
scoring_system epss
scoring_elements 0.63494
published_at 2026-04-29T12:55:00Z
14
value 0.01247
scoring_system epss
scoring_elements 0.7941
published_at 2026-05-07T12:55:00Z
15
value 0.01247
scoring_system epss
scoring_elements 0.79495
published_at 2026-05-15T12:55:00Z
16
value 0.01247
scoring_system epss
scoring_elements 0.79487
published_at 2026-05-14T12:55:00Z
17
value 0.01247
scoring_system epss
scoring_elements 0.79447
published_at 2026-05-12T12:55:00Z
18
value 0.01247
scoring_system epss
scoring_elements 0.79429
published_at 2026-05-11T12:55:00Z
19
value 0.01247
scoring_system epss
scoring_elements 0.79428
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-53506
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb
5
reference_url https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b
6
reference_url https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b
7
reference_url https://lists.apache.org/thread/p09775q0rd185m6zz98krg0fp45j8kr0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-11T13:46:01Z/
url https://lists.apache.org/thread/p09775q0rd185m6zz98krg0fp45j8kr0
8
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-53506
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-53506
10
reference_url http://www.openwall.com/lists/oss-security/2025/07/10/13
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/07/10/13
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109113
reference_id 1109113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109113
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109114
reference_id 1109114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109114
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379386
reference_id 2379386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379386
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506
reference_id CVE-2025-53506
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506
15
reference_url https://github.com/advisories/GHSA-25xr-qj8w-c4vf
reference_id GHSA-25xr-qj8w-c4vf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-25xr-qj8w-c4vf
16
reference_url https://access.redhat.com/errata/RHSA-2025:11695
reference_id RHSA-2025:11695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11695
17
reference_url https://access.redhat.com/errata/RHSA-2025:11696
reference_id RHSA-2025:11696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11696
18
reference_url https://access.redhat.com/errata/RHSA-2025:11741
reference_id RHSA-2025:11741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11741
19
reference_url https://access.redhat.com/errata/RHSA-2025:11742
reference_id RHSA-2025:11742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11742
20
reference_url https://access.redhat.com/errata/RHSA-2025:14177
reference_id RHSA-2025:14177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14177
21
reference_url https://access.redhat.com/errata/RHSA-2025:14178
reference_id RHSA-2025:14178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14178
22
reference_url https://access.redhat.com/errata/RHSA-2025:14179
reference_id RHSA-2025:14179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14179
23
reference_url https://access.redhat.com/errata/RHSA-2025:14180
reference_id RHSA-2025:14180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14180
24
reference_url https://access.redhat.com/errata/RHSA-2025:14181
reference_id RHSA-2025:14181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14181
25
reference_url https://access.redhat.com/errata/RHSA-2025:14182
reference_id RHSA-2025:14182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14182
26
reference_url https://access.redhat.com/errata/RHSA-2025:14183
reference_id RHSA-2025:14183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14183
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.107
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.107
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-8e1c-rbkg-v7c2
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-yrzk-1dbk-muhy
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.107
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.43
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-8e1c-rbkg-v7c2
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.43
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.9
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-8e1c-rbkg-v7c2
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-yrzk-1dbk-muhy
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.9
aliases CVE-2025-53506, GHSA-25xr-qj8w-c4vf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fpgj-82wf-ykbw
12
url VCID-g7bk-891a-uufy
vulnerability_id VCID-g7bk-891a-uufy
summary Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0465
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0465
1
reference_url https://access.redhat.com/errata/RHSA-2018:0466
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0466
2
reference_url https://access.redhat.com/errata/RHSA-2018:1320
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1320
3
reference_url https://access.redhat.com/errata/RHSA-2018:2939
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2939
4
reference_url https://access.redhat.com/errata/RHSA-2019:2205
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2205
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1305
reference_id
reference_type
scores
0
value 0.21578
scoring_system epss
scoring_elements 0.95732
published_at 2026-04-16T12:55:00Z
1
value 0.21578
scoring_system epss
scoring_elements 0.95723
published_at 2026-04-13T12:55:00Z
2
value 0.21578
scoring_system epss
scoring_elements 0.95722
published_at 2026-04-12T12:55:00Z
3
value 0.21578
scoring_system epss
scoring_elements 0.95719
published_at 2026-04-09T12:55:00Z
4
value 0.21578
scoring_system epss
scoring_elements 0.95715
published_at 2026-04-08T12:55:00Z
5
value 0.21578
scoring_system epss
scoring_elements 0.95706
published_at 2026-04-07T12:55:00Z
6
value 0.21578
scoring_system epss
scoring_elements 0.95703
published_at 2026-04-04T12:55:00Z
7
value 0.21578
scoring_system epss
scoring_elements 0.95698
published_at 2026-04-02T12:55:00Z
8
value 0.21578
scoring_system epss
scoring_elements 0.95688
published_at 2026-04-01T12:55:00Z
9
value 0.21578
scoring_system epss
scoring_elements 0.95736
published_at 2026-04-18T12:55:00Z
10
value 0.21578
scoring_system epss
scoring_elements 0.95787
published_at 2026-05-16T12:55:00Z
11
value 0.21578
scoring_system epss
scoring_elements 0.95786
published_at 2026-05-15T12:55:00Z
12
value 0.21578
scoring_system epss
scoring_elements 0.95784
published_at 2026-05-14T12:55:00Z
13
value 0.21578
scoring_system epss
scoring_elements 0.95771
published_at 2026-05-12T12:55:00Z
14
value 0.21578
scoring_system epss
scoring_elements 0.95766
published_at 2026-05-11T12:55:00Z
15
value 0.21578
scoring_system epss
scoring_elements 0.95761
published_at 2026-05-09T12:55:00Z
16
value 0.21578
scoring_system epss
scoring_elements 0.95755
published_at 2026-05-07T12:55:00Z
17
value 0.21578
scoring_system epss
scoring_elements 0.95752
published_at 2026-05-05T12:55:00Z
18
value 0.21578
scoring_system epss
scoring_elements 0.95739
published_at 2026-04-26T12:55:00Z
19
value 0.21578
scoring_system epss
scoring_elements 0.95737
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1305
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
9
reference_url https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a
10
reference_url https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab
11
reference_url https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1
12
reference_url https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a
13
reference_url https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073
14
reference_url https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895
15
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
49
reference_url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
50
reference_url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
51
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
52
reference_url https://security.netapp.com/advisory/ntap-20180706-0001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180706-0001
53
reference_url https://security.netapp.com/advisory/ntap-20180706-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180706-0001/
54
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823310
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823310
55
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823314
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823314
56
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823319
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823319
57
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823322
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823322
58
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824323
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824323
59
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824358
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824358
60
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824359
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824359
61
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824360
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824360
62
reference_url https://usn.ubuntu.com/3665-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3665-1
63
reference_url https://usn.ubuntu.com/3665-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3665-1/
64
reference_url https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144
65
reference_url https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428
66
reference_url https://www.debian.org/security/2018/dsa-4281
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4281
67
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
68
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
69
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
70
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
71
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
72
reference_url http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/103144
73
reference_url http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040428
74
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1548282
reference_id 1548282
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1548282
75
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
reference_id CVE-2018-1305
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
76
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
reference_id CVE-2018-1305
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
77
reference_url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
reference_id GHSA-jx6h-3fjx-cgv5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.28
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-39e3-jfbg-s3hk
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-5etb-njwf-rfdu
5
vulnerability VCID-66kh-s6cr-tqf9
6
vulnerability VCID-a8gk-n8bq-87cp
7
vulnerability VCID-ayrd-8ntf-hkh3
8
vulnerability VCID-dy6m-zt6r-9ubd
9
vulnerability VCID-dzan-r49k-kqab
10
vulnerability VCID-dzpn-w4b3-vbcm
11
vulnerability VCID-fpgj-82wf-ykbw
12
vulnerability VCID-gyed-x6s8-ybhr
13
vulnerability VCID-j6cj-ftyd-3ffa
14
vulnerability VCID-j8tk-s915-pbfy
15
vulnerability VCID-k9cg-ehdw-dbh6
16
vulnerability VCID-kwab-3s4q-eka4
17
vulnerability VCID-n3ab-nk7c-hqc9
18
vulnerability VCID-nmq2-8ysj-4fbc
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-ruuh-g3fa-m7d8
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.28
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-39e3-jfbg-s3hk
2
vulnerability VCID-46bv-6b7y-3bca
3
vulnerability VCID-4cag-c4pb-dfaz
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-5etb-njwf-rfdu
6
vulnerability VCID-66kh-s6cr-tqf9
7
vulnerability VCID-a8gk-n8bq-87cp
8
vulnerability VCID-ayrd-8ntf-hkh3
9
vulnerability VCID-dy6m-zt6r-9ubd
10
vulnerability VCID-dzan-r49k-kqab
11
vulnerability VCID-dzpn-w4b3-vbcm
12
vulnerability VCID-e7kd-kk57-mkd6
13
vulnerability VCID-fpgj-82wf-ykbw
14
vulnerability VCID-gyed-x6s8-ybhr
15
vulnerability VCID-j6cj-ftyd-3ffa
16
vulnerability VCID-j8tk-s915-pbfy
17
vulnerability VCID-kwab-3s4q-eka4
18
vulnerability VCID-n3ab-nk7c-hqc9
19
vulnerability VCID-nmq2-8ysj-4fbc
20
vulnerability VCID-ran8-rnqn-tkbc
21
vulnerability VCID-ruuh-g3fa-m7d8
22
vulnerability VCID-t2ne-75ck-eqcr
23
vulnerability VCID-v7tp-1t4h-zqeg
24
vulnerability VCID-vsdf-4tfj-uybe
25
vulnerability VCID-xqjr-7xfw-mbh2
26
vulnerability VCID-yfx4-4gsc-2kgh
27
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
aliases CVE-2018-1305, GHSA-jx6h-3fjx-cgv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7bk-891a-uufy
13
url VCID-gyed-x6s8-ybhr
vulnerability_id VCID-gyed-x6s8-ybhr
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08199
published_at 2026-04-13T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08216
published_at 2026-04-12T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08236
published_at 2026-04-11T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.43957
published_at 2026-04-21T12:55:00Z
4
value 0.00215
scoring_system epss
scoring_elements 0.438
published_at 2026-05-09T12:55:00Z
5
value 0.00215
scoring_system epss
scoring_elements 0.43782
published_at 2026-05-07T12:55:00Z
6
value 0.00215
scoring_system epss
scoring_elements 0.43706
published_at 2026-05-05T12:55:00Z
7
value 0.00215
scoring_system epss
scoring_elements 0.44031
published_at 2026-04-16T12:55:00Z
8
value 0.00215
scoring_system epss
scoring_elements 0.43827
published_at 2026-04-29T12:55:00Z
9
value 0.00215
scoring_system epss
scoring_elements 0.43912
published_at 2026-04-26T12:55:00Z
10
value 0.00215
scoring_system epss
scoring_elements 0.43909
published_at 2026-04-24T12:55:00Z
11
value 0.00215
scoring_system epss
scoring_elements 0.44021
published_at 2026-04-18T12:55:00Z
12
value 0.0024
scoring_system epss
scoring_elements 0.46983
published_at 2026-05-12T12:55:00Z
13
value 0.0024
scoring_system epss
scoring_elements 0.47069
published_at 2026-05-15T12:55:00Z
14
value 0.0024
scoring_system epss
scoring_elements 0.46951
published_at 2026-05-11T12:55:00Z
15
value 0.0024
scoring_system epss
scoring_elements 0.47052
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
5
reference_url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
6
reference_url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
7
reference_url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
8
reference_url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
9
reference_url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
10
reference_url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:33:19Z/
url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
12
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
13
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
14
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
15
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/20
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
reference_id 2457040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
reference_id CVE-2026-24880
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
20
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
reference_id CVE-2026-24880
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
21
reference_url https://github.com/advisories/GHSA-563x-q5rq-57qp
reference_id GHSA-563x-q5rq-57qp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-563x-q5rq-57qp
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8e1c-rbkg-v7c2
1
vulnerability VCID-abt4-b2cv-eygv
2
vulnerability VCID-d1fm-vbd1-n7au
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.116
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.52
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-35xg-a746-5qgc
2
vulnerability VCID-74tx-sx8a-guhs
3
vulnerability VCID-8e1c-rbkg-v7c2
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-rsxs-u5cc-rkgj
6
vulnerability VCID-yrzk-1dbk-muhy
7
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.52
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-8e1c-rbkg-v7c2
2
vulnerability VCID-abt4-b2cv-eygv
3
vulnerability VCID-d1fm-vbd1-n7au
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.20
aliases CVE-2026-24880, GHSA-563x-q5rq-57qp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyed-x6s8-ybhr
14
url VCID-j6cj-ftyd-3ffa
vulnerability_id VCID-j6cj-ftyd-3ffa
summary 
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.
Older, EOL versions may also be affected.


The vulnerability is limited to the ROOT (default) web application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
reference_id
reference_type
scores
0
value 0.11586
scoring_system epss
scoring_elements 0.93726
published_at 2026-05-15T12:55:00Z
1
value 0.11586
scoring_system epss
scoring_elements 0.9372
published_at 2026-05-16T12:55:00Z
2
value 0.11586
scoring_system epss
scoring_elements 0.93707
published_at 2026-05-12T12:55:00Z
3
value 0.11586
scoring_system epss
scoring_elements 0.93702
published_at 2026-05-11T12:55:00Z
4
value 0.11586
scoring_system epss
scoring_elements 0.937
published_at 2026-05-09T12:55:00Z
5
value 0.11586
scoring_system epss
scoring_elements 0.93692
published_at 2026-05-07T12:55:00Z
6
value 0.11586
scoring_system epss
scoring_elements 0.93681
published_at 2026-05-05T12:55:00Z
7
value 0.11586
scoring_system epss
scoring_elements 0.93673
published_at 2026-04-29T12:55:00Z
8
value 0.11586
scoring_system epss
scoring_elements 0.93675
published_at 2026-04-26T12:55:00Z
9
value 0.11586
scoring_system epss
scoring_elements 0.93677
published_at 2026-04-24T12:55:00Z
10
value 0.11586
scoring_system epss
scoring_elements 0.93672
published_at 2026-04-21T12:55:00Z
11
value 0.11586
scoring_system epss
scoring_elements 0.93668
published_at 2026-04-18T12:55:00Z
12
value 0.11586
scoring_system epss
scoring_elements 0.93661
published_at 2026-04-16T12:55:00Z
13
value 0.11586
scoring_system epss
scoring_elements 0.93643
published_at 2026-04-13T12:55:00Z
14
value 0.11586
scoring_system epss
scoring_elements 0.93642
published_at 2026-04-12T12:55:00Z
15
value 0.11586
scoring_system epss
scoring_elements 0.93637
published_at 2026-04-09T12:55:00Z
16
value 0.11586
scoring_system epss
scoring_elements 0.93635
published_at 2026-04-08T12:55:00Z
17
value 0.11586
scoring_system epss
scoring_elements 0.93626
published_at 2026-04-07T12:55:00Z
18
value 0.13662
scoring_system epss
scoring_elements 0.94234
published_at 2026-04-04T12:55:00Z
19
value 0.13662
scoring_system epss
scoring_elements 0.94222
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
5
reference_url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
6
reference_url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
7
reference_url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
8
reference_url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:42:58Z/
url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
9
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
10
reference_url https://security.netapp.com/advisory/ntap-20230921-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230921-0006
11
reference_url https://www.debian.org/security/2023/dsa-5521
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5521
12
reference_url https://www.debian.org/security/2023/dsa-5522
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5522
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
reference_id 2235370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
reference_id CVE-2023-41080
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
reference_id CVE-2023-41080
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
16
reference_url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
reference_id GHSA-q3mw-pvr8-9ggc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
17
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
18
reference_url https://access.redhat.com/errata/RHSA-2023:7622
reference_id RHSA-2023:7622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7622
19
reference_url https://access.redhat.com/errata/RHSA-2023:7623
reference_id RHSA-2023:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7623
20
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
21
reference_url https://access.redhat.com/errata/RHSA-2024:0125
reference_id RHSA-2024:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0125
22
reference_url https://access.redhat.com/errata/RHSA-2024:0474
reference_id RHSA-2024:0474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0474
23
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
24
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
25
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
26
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-6kcx-vptm-zbds
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-vsdf-4tfj-uybe
7
vulnerability VCID-xqjr-7xfw-mbh2
8
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.93
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-6kcx-vptm-zbds
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-vsdf-4tfj-uybe
10
vulnerability VCID-xqjr-7xfw-mbh2
11
vulnerability VCID-yrzk-1dbk-muhy
12
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.80
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-74tx-sx8a-guhs
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-vsdf-4tfj-uybe
10
vulnerability VCID-xqjr-7xfw-mbh2
11
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.13
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-74tx-sx8a-guhs
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-v7tp-1t4h-zqeg
10
vulnerability VCID-vsdf-4tfj-uybe
11
vulnerability VCID-xqjr-7xfw-mbh2
12
vulnerability VCID-yrzk-1dbk-muhy
13
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M11
aliases CVE-2023-41080, GHSA-q3mw-pvr8-9ggc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6cj-ftyd-3ffa
15
url VCID-j8tk-s915-pbfy
vulnerability_id VCID-j8tk-s915-pbfy
summary The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.48094
published_at 2026-05-16T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.48086
published_at 2026-05-15T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48068
published_at 2026-05-14T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.47993
published_at 2026-05-12T12:55:00Z
4
value 0.00248
scoring_system epss
scoring_elements 0.47964
published_at 2026-05-11T12:55:00Z
5
value 0.00248
scoring_system epss
scoring_elements 0.48019
published_at 2026-05-09T12:55:00Z
6
value 0.00248
scoring_system epss
scoring_elements 0.47994
published_at 2026-05-07T12:55:00Z
7
value 0.00248
scoring_system epss
scoring_elements 0.47927
published_at 2026-05-05T12:55:00Z
8
value 0.00248
scoring_system epss
scoring_elements 0.48008
published_at 2026-04-29T12:55:00Z
9
value 0.00248
scoring_system epss
scoring_elements 0.4806
published_at 2026-04-26T12:55:00Z
10
value 0.00248
scoring_system epss
scoring_elements 0.48048
published_at 2026-04-24T12:55:00Z
11
value 0.00248
scoring_system epss
scoring_elements 0.48067
published_at 2026-04-21T12:55:00Z
12
value 0.00248
scoring_system epss
scoring_elements 0.48111
published_at 2026-04-18T12:55:00Z
13
value 0.00248
scoring_system epss
scoring_elements 0.48055
published_at 2026-04-04T12:55:00Z
14
value 0.00248
scoring_system epss
scoring_elements 0.48035
published_at 2026-04-02T12:55:00Z
15
value 0.00248
scoring_system epss
scoring_elements 0.47996
published_at 2026-04-01T12:55:00Z
16
value 0.00248
scoring_system epss
scoring_elements 0.48116
published_at 2026-04-16T12:55:00Z
17
value 0.00248
scoring_system epss
scoring_elements 0.48063
published_at 2026-04-13T12:55:00Z
18
value 0.00248
scoring_system epss
scoring_elements 0.48052
published_at 2026-04-12T12:55:00Z
19
value 0.00248
scoring_system epss
scoring_elements 0.48075
published_at 2026-04-11T12:55:00Z
20
value 0.00248
scoring_system epss
scoring_elements 0.48051
published_at 2026-04-09T12:55:00Z
21
value 0.00248
scoring_system epss
scoring_elements 0.48057
published_at 2026-04-08T12:55:00Z
22
value 0.00248
scoring_system epss
scoring_elements 0.48005
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
5
reference_url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
6
reference_url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
7
reference_url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
8
reference_url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
9
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
13
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
14
reference_url https://www.debian.org/security/2022/dsa-5265
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://www.debian.org/security/2022/dsa-5265
15
reference_url http://www.openwall.com/lists/oss-security/2022/09/28/1
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url http://www.openwall.com/lists/oss-security/2022/09/28/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
reference_id 2130599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
reference_id CVE-2021-43980
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
18
reference_url https://github.com/advisories/GHSA-jx7c-7mj5-9438
reference_id GHSA-jx7c-7mj5-9438
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx7c-7mj5-9438
19
reference_url https://access.redhat.com/errata/RHSA-2022:7272
reference_id RHSA-2022:7272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7272
20
reference_url https://access.redhat.com/errata/RHSA-2022:7273
reference_id RHSA-2022:7273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7273
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-cfhw-vmcp-y3bc
3
vulnerability VCID-fpgj-82wf-ykbw
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-j6cj-ftyd-3ffa
6
vulnerability VCID-nmq2-8ysj-4fbc
7
vulnerability VCID-p8q2-pt96-5ye8
8
vulnerability VCID-qkx6-32cj-jfbp
9
vulnerability VCID-v7tp-1t4h-zqeg
10
vulnerability VCID-vsdf-4tfj-uybe
11
vulnerability VCID-xqjr-7xfw-mbh2
12
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-nmq2-8ysj-4fbc
10
vulnerability VCID-p8q2-pt96-5ye8
11
vulnerability VCID-qkx6-32cj-jfbp
12
vulnerability VCID-stds-vw5z-auhp
13
vulnerability VCID-v7tp-1t4h-zqeg
14
vulnerability VCID-vsdf-4tfj-uybe
15
vulnerability VCID-xqjr-7xfw-mbh2
16
vulnerability VCID-yrzk-1dbk-muhy
17
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-nmq2-8ysj-4fbc
2
vulnerability VCID-p8q2-pt96-5ye8
3
vulnerability VCID-qkx6-32cj-jfbp
4
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-74tx-sx8a-guhs
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-stds-vw5z-auhp
11
vulnerability VCID-v7tp-1t4h-zqeg
12
vulnerability VCID-vsdf-4tfj-uybe
13
vulnerability VCID-xqjr-7xfw-mbh2
14
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
aliases CVE-2021-43980, GHSA-jx7c-7mj5-9438
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8tk-s915-pbfy
16
url VCID-k9cg-ehdw-dbh6
vulnerability_id VCID-k9cg-ehdw-dbh6
summary 
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected.

Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.
references
0
reference_url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
reference_id
reference_type
scores
0
value 0.73428
scoring_system epss
scoring_elements 0.98827
published_at 2026-05-15T12:55:00Z
1
value 0.73428
scoring_system epss
scoring_elements 0.98789
published_at 2026-04-02T12:55:00Z
2
value 0.73428
scoring_system epss
scoring_elements 0.98792
published_at 2026-04-04T12:55:00Z
3
value 0.73428
scoring_system epss
scoring_elements 0.98795
published_at 2026-04-07T12:55:00Z
4
value 0.73428
scoring_system epss
scoring_elements 0.98796
published_at 2026-04-09T12:55:00Z
5
value 0.73428
scoring_system epss
scoring_elements 0.98798
published_at 2026-04-11T12:55:00Z
6
value 0.73428
scoring_system epss
scoring_elements 0.98799
published_at 2026-04-12T12:55:00Z
7
value 0.73428
scoring_system epss
scoring_elements 0.988
published_at 2026-04-13T12:55:00Z
8
value 0.73428
scoring_system epss
scoring_elements 0.98804
published_at 2026-04-16T12:55:00Z
9
value 0.73428
scoring_system epss
scoring_elements 0.98805
published_at 2026-04-18T12:55:00Z
10
value 0.73428
scoring_system epss
scoring_elements 0.98807
published_at 2026-04-21T12:55:00Z
11
value 0.73428
scoring_system epss
scoring_elements 0.9881
published_at 2026-04-24T12:55:00Z
12
value 0.73428
scoring_system epss
scoring_elements 0.98811
published_at 2026-04-26T12:55:00Z
13
value 0.73428
scoring_system epss
scoring_elements 0.98812
published_at 2026-04-29T12:55:00Z
14
value 0.73428
scoring_system epss
scoring_elements 0.98816
published_at 2026-05-05T12:55:00Z
15
value 0.73428
scoring_system epss
scoring_elements 0.98817
published_at 2026-05-07T12:55:00Z
16
value 0.73428
scoring_system epss
scoring_elements 0.9882
published_at 2026-05-09T12:55:00Z
17
value 0.73428
scoring_system epss
scoring_elements 0.98821
published_at 2026-05-11T12:55:00Z
18
value 0.73428
scoring_system epss
scoring_elements 0.98823
published_at 2026-05-12T12:55:00Z
19
value 0.73428
scoring_system epss
scoring_elements 0.98825
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
6
reference_url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
7
reference_url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:09:11Z/
url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
8
reference_url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
10
reference_url https://security.netapp.com/advisory/ntap-20240216-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240216-0005
11
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
12
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
13
reference_url http://www.openwall.com/lists/oss-security/2024/01/19/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/01/19/2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
reference_id 2259204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
reference_id CVE-2024-21733
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
16
reference_url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
reference_id GHSA-f4qf-m5gf-8jm8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
17
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-j6cj-ftyd-3ffa
7
vulnerability VCID-j8tk-s915-pbfy
8
vulnerability VCID-kwab-3s4q-eka4
9
vulnerability VCID-nmq2-8ysj-4fbc
10
vulnerability VCID-p8q2-pt96-5ye8
11
vulnerability VCID-qkx6-32cj-jfbp
12
vulnerability VCID-v7tp-1t4h-zqeg
13
vulnerability VCID-vsdf-4tfj-uybe
14
vulnerability VCID-wptr-hkjx-s7c3
15
vulnerability VCID-xqjr-7xfw-mbh2
16
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64
aliases CVE-2024-21733, GHSA-f4qf-m5gf-8jm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9cg-ehdw-dbh6
17
url VCID-kwab-3s4q-eka4
vulnerability_id VCID-kwab-3s4q-eka4
summary A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.29768
published_at 2026-05-16T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.29767
published_at 2026-05-15T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.29754
published_at 2026-05-14T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.29677
published_at 2026-05-12T12:55:00Z
4
value 0.00115
scoring_system epss
scoring_elements 0.29657
published_at 2026-05-11T12:55:00Z
5
value 0.00115
scoring_system epss
scoring_elements 0.29728
published_at 2026-05-09T12:55:00Z
6
value 0.00115
scoring_system epss
scoring_elements 0.29715
published_at 2026-05-07T12:55:00Z
7
value 0.00115
scoring_system epss
scoring_elements 0.2965
published_at 2026-05-05T12:55:00Z
8
value 0.00115
scoring_system epss
scoring_elements 0.29794
published_at 2026-04-29T12:55:00Z
9
value 0.00115
scoring_system epss
scoring_elements 0.29864
published_at 2026-04-26T12:55:00Z
10
value 0.00115
scoring_system epss
scoring_elements 0.2998
published_at 2026-04-24T12:55:00Z
11
value 0.00115
scoring_system epss
scoring_elements 0.3005
published_at 2026-04-21T12:55:00Z
12
value 0.00115
scoring_system epss
scoring_elements 0.30095
published_at 2026-04-18T12:55:00Z
13
value 0.00115
scoring_system epss
scoring_elements 0.30113
published_at 2026-04-16T12:55:00Z
14
value 0.00115
scoring_system epss
scoring_elements 0.30098
published_at 2026-04-13T12:55:00Z
15
value 0.00115
scoring_system epss
scoring_elements 0.30148
published_at 2026-04-12T12:55:00Z
16
value 0.00115
scoring_system epss
scoring_elements 0.30191
published_at 2026-04-11T12:55:00Z
17
value 0.00115
scoring_system epss
scoring_elements 0.30188
published_at 2026-04-09T12:55:00Z
18
value 0.00115
scoring_system epss
scoring_elements 0.30152
published_at 2026-04-08T12:55:00Z
19
value 0.00115
scoring_system epss
scoring_elements 0.30093
published_at 2026-04-07T12:55:00Z
20
value 0.00115
scoring_system epss
scoring_elements 0.30195
published_at 2026-04-01T12:55:00Z
21
value 0.00115
scoring_system epss
scoring_elements 0.30275
published_at 2026-04-04T12:55:00Z
22
value 0.00115
scoring_system epss
scoring_elements 0.30226
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
4
reference_url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
5
reference_url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
6
reference_url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
7
reference_url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
8
reference_url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
9
reference_url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
10
reference_url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
11
reference_url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
12
reference_url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
13
reference_url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
14
reference_url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
15
reference_url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
16
reference_url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
17
reference_url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
18
reference_url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
19
reference_url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
20
reference_url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
21
reference_url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
22
reference_url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
23
reference_url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
24
reference_url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
25
reference_url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
26
reference_url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
27
reference_url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
28
reference_url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
29
reference_url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
30
reference_url https://security.gentoo.org/glsa/202208-34
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
31
reference_url https://security.netapp.com/advisory/ntap-20210827-0007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210827-0007
32
reference_url https://security.netapp.com/advisory/ntap-20210827-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210827-0007/
33
reference_url https://www.debian.org/security/2021/dsa-4952
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4952
34
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
35
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
36
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
37
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
reference_id 1981544
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
39
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
reference_id 991046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
reference_id CVE-2021-30640
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
41
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
reference_id CVE-2021-30640
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
42
reference_url https://github.com/advisories/GHSA-36qh-35cm-5w2w
reference_id GHSA-36qh-35cm-5w2w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36qh-35cm-5w2w
43
reference_url https://access.redhat.com/errata/RHSA-2021:4861
reference_id RHSA-2021:4861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4861
44
reference_url https://access.redhat.com/errata/RHSA-2021:4863
reference_id RHSA-2021:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4863
45
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
46
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
47
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-j6cj-ftyd-3ffa
7
vulnerability VCID-j8tk-s915-pbfy
8
vulnerability VCID-nmq2-8ysj-4fbc
9
vulnerability VCID-p8q2-pt96-5ye8
10
vulnerability VCID-qkx6-32cj-jfbp
11
vulnerability VCID-v7tp-1t4h-zqeg
12
vulnerability VCID-vsdf-4tfj-uybe
13
vulnerability VCID-wptr-hkjx-s7c3
14
vulnerability VCID-xqjr-7xfw-mbh2
15
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-j8tk-s915-pbfy
10
vulnerability VCID-nmq2-8ysj-4fbc
11
vulnerability VCID-p8q2-pt96-5ye8
12
vulnerability VCID-qkx6-32cj-jfbp
13
vulnerability VCID-stds-vw5z-auhp
14
vulnerability VCID-v7tp-1t4h-zqeg
15
vulnerability VCID-vsdf-4tfj-uybe
16
vulnerability VCID-wptr-hkjx-s7c3
17
vulnerability VCID-xqjr-7xfw-mbh2
18
vulnerability VCID-yrzk-1dbk-muhy
19
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-j8tk-s915-pbfy
2
vulnerability VCID-nmq2-8ysj-4fbc
3
vulnerability VCID-p8q2-pt96-5ye8
4
vulnerability VCID-qkx6-32cj-jfbp
5
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
aliases CVE-2021-30640, GHSA-36qh-35cm-5w2w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwab-3s4q-eka4
18
url VCID-n3ab-nk7c-hqc9
vulnerability_id VCID-n3ab-nk7c-hqc9
summary The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25329.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25329.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25329
reference_id
reference_type
scores
0
value 0.01001
scoring_system epss
scoring_elements 0.77198
published_at 2026-05-16T12:55:00Z
1
value 0.01001
scoring_system epss
scoring_elements 0.77193
published_at 2026-05-15T12:55:00Z
2
value 0.01001
scoring_system epss
scoring_elements 0.77177
published_at 2026-05-14T12:55:00Z
3
value 0.01001
scoring_system epss
scoring_elements 0.77128
published_at 2026-05-12T12:55:00Z
4
value 0.01001
scoring_system epss
scoring_elements 0.77111
published_at 2026-05-11T12:55:00Z
5
value 0.01001
scoring_system epss
scoring_elements 0.77123
published_at 2026-05-09T12:55:00Z
6
value 0.01001
scoring_system epss
scoring_elements 0.76928
published_at 2026-04-01T12:55:00Z
7
value 0.01001
scoring_system epss
scoring_elements 0.76989
published_at 2026-04-09T12:55:00Z
8
value 0.01001
scoring_system epss
scoring_elements 0.76978
published_at 2026-04-08T12:55:00Z
9
value 0.01001
scoring_system epss
scoring_elements 0.76946
published_at 2026-04-07T12:55:00Z
10
value 0.01001
scoring_system epss
scoring_elements 0.76964
published_at 2026-04-04T12:55:00Z
11
value 0.01001
scoring_system epss
scoring_elements 0.76934
published_at 2026-04-02T12:55:00Z
12
value 0.01001
scoring_system epss
scoring_elements 0.77103
published_at 2026-05-07T12:55:00Z
13
value 0.01001
scoring_system epss
scoring_elements 0.77073
published_at 2026-05-05T12:55:00Z
14
value 0.01001
scoring_system epss
scoring_elements 0.77082
published_at 2026-04-29T12:55:00Z
15
value 0.01001
scoring_system epss
scoring_elements 0.77068
published_at 2026-04-26T12:55:00Z
16
value 0.01001
scoring_system epss
scoring_elements 0.77062
published_at 2026-04-24T12:55:00Z
17
value 0.01001
scoring_system epss
scoring_elements 0.77027
published_at 2026-04-21T12:55:00Z
18
value 0.01001
scoring_system epss
scoring_elements 0.77034
published_at 2026-04-18T12:55:00Z
19
value 0.01001
scoring_system epss
scoring_elements 0.77031
published_at 2026-04-16T12:55:00Z
20
value 0.01001
scoring_system epss
scoring_elements 0.7699
published_at 2026-04-13T12:55:00Z
21
value 0.01001
scoring_system epss
scoring_elements 0.76995
published_at 2026-04-12T12:55:00Z
22
value 0.01001
scoring_system epss
scoring_elements 0.77016
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25329
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
5
reference_url https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4
6
reference_url https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
7
reference_url https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
8
reference_url https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E
18
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25329
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25329
20
reference_url https://security.gentoo.org/glsa/202208-34
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
21
reference_url https://security.netapp.com/advisory/ntap-20210409-0002
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210409-0002
22
reference_url https://security.netapp.com/advisory/ntap-20210409-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210409-0002/
23
reference_url https://www.debian.org/security/2021/dsa-4891
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4891
24
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
25
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
26
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
27
reference_url http://www.openwall.com/lists/oss-security/2021/03/01/2
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/03/01/2
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1934061
reference_id 1934061
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1934061
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329
reference_id CVE-2021-25329
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329
30
reference_url https://github.com/advisories/GHSA-jgwr-3qm3-26f3
reference_id GHSA-jgwr-3qm3-26f3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgwr-3qm3-26f3
31
reference_url https://access.redhat.com/errata/RHSA-2021:2561
reference_id RHSA-2021:2561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2561
32
reference_url https://access.redhat.com/errata/RHSA-2021:2562
reference_id RHSA-2021:2562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2562
33
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
34
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
35
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
36
reference_url https://usn.ubuntu.com/6908-1/
reference_id USN-6908-1
reference_type
scores
url https://usn.ubuntu.com/6908-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-j6cj-ftyd-3ffa
8
vulnerability VCID-j8tk-s915-pbfy
9
vulnerability VCID-k9cg-ehdw-dbh6
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-nmq2-8ysj-4fbc
12
vulnerability VCID-p8q2-pt96-5ye8
13
vulnerability VCID-qkx6-32cj-jfbp
14
vulnerability VCID-t2ne-75ck-eqcr
15
vulnerability VCID-v7tp-1t4h-zqeg
16
vulnerability VCID-vsdf-4tfj-uybe
17
vulnerability VCID-wptr-hkjx-s7c3
18
vulnerability VCID-xqjr-7xfw-mbh2
19
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-stds-vw5z-auhp
16
vulnerability VCID-t2ne-75ck-eqcr
17
vulnerability VCID-v7tp-1t4h-zqeg
18
vulnerability VCID-vsdf-4tfj-uybe
19
vulnerability VCID-wptr-hkjx-s7c3
20
vulnerability VCID-xqjr-7xfw-mbh2
21
vulnerability VCID-yrzk-1dbk-muhy
22
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-dy6m-zt6r-9ubd
2
vulnerability VCID-j8tk-s915-pbfy
3
vulnerability VCID-kwab-3s4q-eka4
4
vulnerability VCID-nmq2-8ysj-4fbc
5
vulnerability VCID-p8q2-pt96-5ye8
6
vulnerability VCID-qkx6-32cj-jfbp
7
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
aliases CVE-2021-25329, GHSA-jgwr-3qm3-26f3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3ab-nk7c-hqc9
19
url VCID-nmq2-8ysj-4fbc
vulnerability_id VCID-nmq2-8ysj-4fbc
summary If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
reference_id
reference_type
scores
0
value 0.00145
scoring_system epss
scoring_elements 0.34917
published_at 2026-04-02T12:55:00Z
1
value 0.00145
scoring_system epss
scoring_elements 0.34823
published_at 2026-04-07T12:55:00Z
2
value 0.00145
scoring_system epss
scoring_elements 0.34943
published_at 2026-04-04T12:55:00Z
3
value 0.00145
scoring_system epss
scoring_elements 0.34895
published_at 2026-04-09T12:55:00Z
4
value 0.00145
scoring_system epss
scoring_elements 0.34868
published_at 2026-04-08T12:55:00Z
5
value 0.00164
scoring_system epss
scoring_elements 0.37438
published_at 2026-04-11T12:55:00Z
6
value 0.00164
scoring_system epss
scoring_elements 0.37404
published_at 2026-04-12T12:55:00Z
7
value 0.0019
scoring_system epss
scoring_elements 0.40481
published_at 2026-05-05T12:55:00Z
8
value 0.0019
scoring_system epss
scoring_elements 0.40631
published_at 2026-04-29T12:55:00Z
9
value 0.0019
scoring_system epss
scoring_elements 0.40714
published_at 2026-04-26T12:55:00Z
10
value 0.0019
scoring_system epss
scoring_elements 0.40726
published_at 2026-04-24T12:55:00Z
11
value 0.0019
scoring_system epss
scoring_elements 0.40898
published_at 2026-04-18T12:55:00Z
12
value 0.0019
scoring_system epss
scoring_elements 0.40929
published_at 2026-04-16T12:55:00Z
13
value 0.0019
scoring_system epss
scoring_elements 0.40887
published_at 2026-04-13T12:55:00Z
14
value 0.0019
scoring_system epss
scoring_elements 0.40818
published_at 2026-04-21T12:55:00Z
15
value 0.0019
scoring_system epss
scoring_elements 0.4061
published_at 2026-05-16T12:55:00Z
16
value 0.0019
scoring_system epss
scoring_elements 0.40586
published_at 2026-05-15T12:55:00Z
17
value 0.0019
scoring_system epss
scoring_elements 0.40573
published_at 2026-05-14T12:55:00Z
18
value 0.0019
scoring_system epss
scoring_elements 0.40498
published_at 2026-05-12T12:55:00Z
19
value 0.0019
scoring_system epss
scoring_elements 0.40473
published_at 2026-05-11T12:55:00Z
20
value 0.0019
scoring_system epss
scoring_elements 0.40568
published_at 2026-05-09T12:55:00Z
21
value 0.0019
scoring_system epss
scoring_elements 0.40548
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
5
reference_url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
6
reference_url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
7
reference_url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
8
reference_url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
10
reference_url https://security.gentoo.org/glsa/202305-37
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://security.gentoo.org/glsa/202305-37
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
13
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
reference_id 2141329
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
reference_id CVE-2022-42252
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
16
reference_url https://github.com/advisories/GHSA-p22x-g9px-3945
reference_id GHSA-p22x-g9px-3945
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p22x-g9px-3945
17
reference_url https://access.redhat.com/errata/RHSA-2023:1663
reference_id RHSA-2023:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1663
18
reference_url https://access.redhat.com/errata/RHSA-2023:1664
reference_id RHSA-2023:1664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1664
19
reference_url https://usn.ubuntu.com/6880-1/
reference_id USN-6880-1
reference_type
scores
url https://usn.ubuntu.com/6880-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-cfhw-vmcp-y3bc
3
vulnerability VCID-fpgj-82wf-ykbw
4
vulnerability VCID-gyed-x6s8-ybhr
5
vulnerability VCID-j6cj-ftyd-3ffa
6
vulnerability VCID-stds-vw5z-auhp
7
vulnerability VCID-v7tp-1t4h-zqeg
8
vulnerability VCID-vsdf-4tfj-uybe
9
vulnerability VCID-xqjr-7xfw-mbh2
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-j6cj-ftyd-3ffa
9
vulnerability VCID-stds-vw5z-auhp
10
vulnerability VCID-v7tp-1t4h-zqeg
11
vulnerability VCID-vsdf-4tfj-uybe
12
vulnerability VCID-xqjr-7xfw-mbh2
13
vulnerability VCID-yrzk-1dbk-muhy
14
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-74tx-sx8a-guhs
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-stds-vw5z-auhp
11
vulnerability VCID-v7tp-1t4h-zqeg
12
vulnerability VCID-vsdf-4tfj-uybe
13
vulnerability VCID-xqjr-7xfw-mbh2
14
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
aliases CVE-2022-42252, GHSA-p22x-g9px-3945
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmq2-8ysj-4fbc
20
url VCID-ran8-rnqn-tkbc
vulnerability_id VCID-ran8-rnqn-tkbc
summary While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
reference_id
reference_type
scores
0
value 0.10506
scoring_system epss
scoring_elements 0.93342
published_at 2026-05-15T12:55:00Z
1
value 0.10506
scoring_system epss
scoring_elements 0.93335
published_at 2026-05-16T12:55:00Z
2
value 0.10506
scoring_system epss
scoring_elements 0.9332
published_at 2026-05-12T12:55:00Z
3
value 0.10506
scoring_system epss
scoring_elements 0.93226
published_at 2026-04-01T12:55:00Z
4
value 0.10506
scoring_system epss
scoring_elements 0.93313
published_at 2026-05-11T12:55:00Z
5
value 0.10506
scoring_system epss
scoring_elements 0.93312
published_at 2026-05-09T12:55:00Z
6
value 0.10506
scoring_system epss
scoring_elements 0.93303
published_at 2026-05-07T12:55:00Z
7
value 0.10506
scoring_system epss
scoring_elements 0.93289
published_at 2026-05-05T12:55:00Z
8
value 0.10506
scoring_system epss
scoring_elements 0.93282
published_at 2026-04-29T12:55:00Z
9
value 0.10506
scoring_system epss
scoring_elements 0.93287
published_at 2026-04-26T12:55:00Z
10
value 0.10506
scoring_system epss
scoring_elements 0.9329
published_at 2026-04-24T12:55:00Z
11
value 0.10506
scoring_system epss
scoring_elements 0.93284
published_at 2026-04-21T12:55:00Z
12
value 0.10506
scoring_system epss
scoring_elements 0.93277
published_at 2026-04-18T12:55:00Z
13
value 0.10506
scoring_system epss
scoring_elements 0.93272
published_at 2026-04-16T12:55:00Z
14
value 0.10506
scoring_system epss
scoring_elements 0.93254
published_at 2026-04-13T12:55:00Z
15
value 0.10506
scoring_system epss
scoring_elements 0.93253
published_at 2026-04-12T12:55:00Z
16
value 0.10506
scoring_system epss
scoring_elements 0.93255
published_at 2026-04-11T12:55:00Z
17
value 0.10506
scoring_system epss
scoring_elements 0.93235
published_at 2026-04-02T12:55:00Z
18
value 0.10506
scoring_system epss
scoring_elements 0.9324
published_at 2026-04-04T12:55:00Z
19
value 0.10506
scoring_system epss
scoring_elements 0.93238
published_at 2026-04-07T12:55:00Z
20
value 0.10506
scoring_system epss
scoring_elements 0.93251
published_at 2026-04-09T12:55:00Z
21
value 0.10506
scoring_system epss
scoring_elements 0.93247
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
2
reference_url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
6
reference_url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
7
reference_url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
8
reference_url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
26
reference_url https://security.netapp.com/advisory/ntap-20201210-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201210-0003
27
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
28
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
29
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
30
reference_url https://www.debian.org/security/2021/dsa-4835
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4835
31
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
32
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
33
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
34
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
35
reference_url http://www.openwall.com/lists/oss-security/2020/12/03/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/12/03/3
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
reference_id 1904221
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
37
reference_url https://security.archlinux.org/ASA-202012-3
reference_id ASA-202012-3
reference_type
scores
url https://security.archlinux.org/ASA-202012-3
38
reference_url https://security.archlinux.org/AVG-1317
reference_id AVG-1317
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1317
39
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
reference_id CVE-2020-17527
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
40
reference_url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
reference_id GHSA-vvw4-rfwf-p6hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
41
reference_url https://security.gentoo.org/glsa/202012-23
reference_id GLSA-202012-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202012-23
42
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
43
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
44
reference_url https://access.redhat.com/errata/RHSA-2021:4012
reference_id RHSA-2021:4012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4012
45
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
46
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-j6cj-ftyd-3ffa
8
vulnerability VCID-j8tk-s915-pbfy
9
vulnerability VCID-k9cg-ehdw-dbh6
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-n3ab-nk7c-hqc9
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-t2ne-75ck-eqcr
16
vulnerability VCID-v7tp-1t4h-zqeg
17
vulnerability VCID-vsdf-4tfj-uybe
18
vulnerability VCID-wptr-hkjx-s7c3
19
vulnerability VCID-xqjr-7xfw-mbh2
20
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-n3ab-nk7c-hqc9
13
vulnerability VCID-nmq2-8ysj-4fbc
14
vulnerability VCID-p8q2-pt96-5ye8
15
vulnerability VCID-qkx6-32cj-jfbp
16
vulnerability VCID-stds-vw5z-auhp
17
vulnerability VCID-t2ne-75ck-eqcr
18
vulnerability VCID-v7tp-1t4h-zqeg
19
vulnerability VCID-vsdf-4tfj-uybe
20
vulnerability VCID-wptr-hkjx-s7c3
21
vulnerability VCID-xqjr-7xfw-mbh2
22
vulnerability VCID-yrzk-1dbk-muhy
23
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-dy6m-zt6r-9ubd
2
vulnerability VCID-j8tk-s915-pbfy
3
vulnerability VCID-kwab-3s4q-eka4
4
vulnerability VCID-nmq2-8ysj-4fbc
5
vulnerability VCID-p8q2-pt96-5ye8
6
vulnerability VCID-qkx6-32cj-jfbp
7
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
aliases CVE-2020-17527, GHSA-vvw4-rfwf-p6hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ran8-rnqn-tkbc
21
url VCID-ruuh-g3fa-m7d8
vulnerability_id VCID-ruuh-g3fa-m7d8
summary When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12418.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12418.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12418
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.57778
published_at 2026-04-02T12:55:00Z
1
value 0.00355
scoring_system epss
scoring_elements 0.57694
published_at 2026-04-01T12:55:00Z
2
value 0.00355
scoring_system epss
scoring_elements 0.57774
published_at 2026-05-11T12:55:00Z
3
value 0.00355
scoring_system epss
scoring_elements 0.57765
published_at 2026-05-07T12:55:00Z
4
value 0.00355
scoring_system epss
scoring_elements 0.57721
published_at 2026-05-05T12:55:00Z
5
value 0.00355
scoring_system epss
scoring_elements 0.57762
published_at 2026-04-29T12:55:00Z
6
value 0.00355
scoring_system epss
scoring_elements 0.57784
published_at 2026-04-26T12:55:00Z
7
value 0.00355
scoring_system epss
scoring_elements 0.57764
published_at 2026-04-24T12:55:00Z
8
value 0.00355
scoring_system epss
scoring_elements 0.57806
published_at 2026-04-21T12:55:00Z
9
value 0.00355
scoring_system epss
scoring_elements 0.5783
published_at 2026-04-18T12:55:00Z
10
value 0.00355
scoring_system epss
scoring_elements 0.57832
published_at 2026-04-16T12:55:00Z
11
value 0.00355
scoring_system epss
scoring_elements 0.57802
published_at 2026-05-12T12:55:00Z
12
value 0.00355
scoring_system epss
scoring_elements 0.57803
published_at 2026-04-13T12:55:00Z
13
value 0.00355
scoring_system epss
scoring_elements 0.57824
published_at 2026-04-12T12:55:00Z
14
value 0.00355
scoring_system epss
scoring_elements 0.57846
published_at 2026-04-11T12:55:00Z
15
value 0.00355
scoring_system epss
scoring_elements 0.57829
published_at 2026-04-09T12:55:00Z
16
value 0.00355
scoring_system epss
scoring_elements 0.57827
published_at 2026-05-09T12:55:00Z
17
value 0.00355
scoring_system epss
scoring_elements 0.57772
published_at 2026-04-07T12:55:00Z
18
value 0.00355
scoring_system epss
scoring_elements 0.57798
published_at 2026-04-04T12:55:00Z
19
value 0.00481
scoring_system epss
scoring_elements 0.65333
published_at 2026-05-16T12:55:00Z
20
value 0.00481
scoring_system epss
scoring_elements 0.65321
published_at 2026-05-15T12:55:00Z
21
value 0.00481
scoring_system epss
scoring_elements 0.6531
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3
5
reference_url https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00
6
reference_url https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b
7
reference_url https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
14
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12418
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12418
16
reference_url https://seclists.org/bugtraq/2019/Dec/43
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Dec/43
17
reference_url https://security.gentoo.org/glsa/202003-43
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202003-43
18
reference_url https://security.netapp.com/advisory/ntap-20200107-0001
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200107-0001
19
reference_url https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200107-0001/
20
reference_url https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS
21
reference_url https://usn.ubuntu.com/4251-1
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4251-1
22
reference_url https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4251-1/
23
reference_url https://www.debian.org/security/2019/dsa-4596
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4596
24
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4680
25
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1785699
reference_id 1785699
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1785699
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418
reference_id CVE-2019-12418
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418
28
reference_url https://github.com/advisories/GHSA-hh3j-x4mc-g48r
reference_id GHSA-hh3j-x4mc-g48r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hh3j-x4mc-g48r
29
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
30
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
31
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
32
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-66kh-s6cr-tqf9
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-ayrd-8ntf-hkh3
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-dzpn-w4b3-vbcm
9
vulnerability VCID-fpgj-82wf-ykbw
10
vulnerability VCID-gyed-x6s8-ybhr
11
vulnerability VCID-j6cj-ftyd-3ffa
12
vulnerability VCID-j8tk-s915-pbfy
13
vulnerability VCID-k9cg-ehdw-dbh6
14
vulnerability VCID-kwab-3s4q-eka4
15
vulnerability VCID-n3ab-nk7c-hqc9
16
vulnerability VCID-nmq2-8ysj-4fbc
17
vulnerability VCID-qkx6-32cj-jfbp
18
vulnerability VCID-ran8-rnqn-tkbc
19
vulnerability VCID-rq42-qvsy-hue6
20
vulnerability VCID-t2ne-75ck-eqcr
21
vulnerability VCID-v7tp-1t4h-zqeg
22
vulnerability VCID-vsdf-4tfj-uybe
23
vulnerability VCID-xqjr-7xfw-mbh2
24
vulnerability VCID-yfx4-4gsc-2kgh
25
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-dzpn-w4b3-vbcm
10
vulnerability VCID-e7kd-kk57-mkd6
11
vulnerability VCID-fpgj-82wf-ykbw
12
vulnerability VCID-gyed-x6s8-ybhr
13
vulnerability VCID-j6cj-ftyd-3ffa
14
vulnerability VCID-j8tk-s915-pbfy
15
vulnerability VCID-kwab-3s4q-eka4
16
vulnerability VCID-n3ab-nk7c-hqc9
17
vulnerability VCID-nmq2-8ysj-4fbc
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-rq42-qvsy-hue6
21
vulnerability VCID-t2ne-75ck-eqcr
22
vulnerability VCID-v7tp-1t4h-zqeg
23
vulnerability VCID-vsdf-4tfj-uybe
24
vulnerability VCID-xqjr-7xfw-mbh2
25
vulnerability VCID-yfx4-4gsc-2kgh
26
vulnerability VCID-yrzk-1dbk-muhy
27
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29
aliases CVE-2019-12418, GHSA-hh3j-x4mc-g48r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ruuh-g3fa-m7d8
22
url VCID-t2ne-75ck-eqcr
vulnerability_id VCID-t2ne-75ck-eqcr
summary When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25122.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25122
reference_id
reference_type
scores
0
value 0.02562
scoring_system epss
scoring_elements 0.85686
published_at 2026-05-16T12:55:00Z
1
value 0.02562
scoring_system epss
scoring_elements 0.85684
published_at 2026-05-15T12:55:00Z
2
value 0.02562
scoring_system epss
scoring_elements 0.85675
published_at 2026-05-14T12:55:00Z
3
value 0.02562
scoring_system epss
scoring_elements 0.85639
published_at 2026-05-12T12:55:00Z
4
value 0.02562
scoring_system epss
scoring_elements 0.85626
published_at 2026-05-11T12:55:00Z
5
value 0.02562
scoring_system epss
scoring_elements 0.85631
published_at 2026-05-09T12:55:00Z
6
value 0.02562
scoring_system epss
scoring_elements 0.85613
published_at 2026-05-07T12:55:00Z
7
value 0.02562
scoring_system epss
scoring_elements 0.8559
published_at 2026-05-05T12:55:00Z
8
value 0.02562
scoring_system epss
scoring_elements 0.85573
published_at 2026-04-29T12:55:00Z
9
value 0.02562
scoring_system epss
scoring_elements 0.85575
published_at 2026-04-26T12:55:00Z
10
value 0.02562
scoring_system epss
scoring_elements 0.85565
published_at 2026-04-24T12:55:00Z
11
value 0.02562
scoring_system epss
scoring_elements 0.85543
published_at 2026-04-21T12:55:00Z
12
value 0.02562
scoring_system epss
scoring_elements 0.85547
published_at 2026-04-18T12:55:00Z
13
value 0.02562
scoring_system epss
scoring_elements 0.85542
published_at 2026-04-16T12:55:00Z
14
value 0.02562
scoring_system epss
scoring_elements 0.85518
published_at 2026-04-13T12:55:00Z
15
value 0.02562
scoring_system epss
scoring_elements 0.85447
published_at 2026-04-01T12:55:00Z
16
value 0.02562
scoring_system epss
scoring_elements 0.85522
published_at 2026-04-12T12:55:00Z
17
value 0.02562
scoring_system epss
scoring_elements 0.85524
published_at 2026-04-11T12:55:00Z
18
value 0.02562
scoring_system epss
scoring_elements 0.85509
published_at 2026-04-09T12:55:00Z
19
value 0.02562
scoring_system epss
scoring_elements 0.85501
published_at 2026-04-08T12:55:00Z
20
value 0.02562
scoring_system epss
scoring_elements 0.85481
published_at 2026-04-07T12:55:00Z
21
value 0.02562
scoring_system epss
scoring_elements 0.85477
published_at 2026-04-04T12:55:00Z
22
value 0.02562
scoring_system epss
scoring_elements 0.8546
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25122
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa
4
reference_url https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1
5
reference_url https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b
6
reference_url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25122
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25122
16
reference_url https://security.gentoo.org/glsa/202208-34
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
17
reference_url https://security.netapp.com/advisory/ntap-20210409-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210409-0002
18
reference_url https://security.netapp.com/advisory/ntap-20210409-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210409-0002/
19
reference_url https://www.debian.org/security/2021/dsa-4891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4891
20
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
21
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
22
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
23
reference_url http://www.openwall.com/lists/oss-security/2021/03/01/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/03/01/1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1934032
reference_id 1934032
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1934032
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122
reference_id CVE-2021-25122
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122
26
reference_url https://github.com/advisories/GHSA-j39c-c8hj-x4j3
reference_id GHSA-j39c-c8hj-x4j3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j39c-c8hj-x4j3
27
reference_url https://access.redhat.com/errata/RHSA-2021:2561
reference_id RHSA-2021:2561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2561
28
reference_url https://access.redhat.com/errata/RHSA-2021:2562
reference_id RHSA-2021:2562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2562
29
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
30
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
31
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
32
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-ayrd-8ntf-hkh3
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-dy6m-zt6r-9ubd
5
vulnerability VCID-fpgj-82wf-ykbw
6
vulnerability VCID-gyed-x6s8-ybhr
7
vulnerability VCID-j6cj-ftyd-3ffa
8
vulnerability VCID-j8tk-s915-pbfy
9
vulnerability VCID-k9cg-ehdw-dbh6
10
vulnerability VCID-kwab-3s4q-eka4
11
vulnerability VCID-nmq2-8ysj-4fbc
12
vulnerability VCID-p8q2-pt96-5ye8
13
vulnerability VCID-qkx6-32cj-jfbp
14
vulnerability VCID-v7tp-1t4h-zqeg
15
vulnerability VCID-vsdf-4tfj-uybe
16
vulnerability VCID-wptr-hkjx-s7c3
17
vulnerability VCID-xqjr-7xfw-mbh2
18
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-j8tk-s915-pbfy
11
vulnerability VCID-kwab-3s4q-eka4
12
vulnerability VCID-nmq2-8ysj-4fbc
13
vulnerability VCID-p8q2-pt96-5ye8
14
vulnerability VCID-qkx6-32cj-jfbp
15
vulnerability VCID-stds-vw5z-auhp
16
vulnerability VCID-v7tp-1t4h-zqeg
17
vulnerability VCID-vsdf-4tfj-uybe
18
vulnerability VCID-wptr-hkjx-s7c3
19
vulnerability VCID-xqjr-7xfw-mbh2
20
vulnerability VCID-yrzk-1dbk-muhy
21
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43
4
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5781-s1ny-q7ey
1
vulnerability VCID-dy6m-zt6r-9ubd
2
vulnerability VCID-j8tk-s915-pbfy
3
vulnerability VCID-kwab-3s4q-eka4
4
vulnerability VCID-nmq2-8ysj-4fbc
5
vulnerability VCID-p8q2-pt96-5ye8
6
vulnerability VCID-qkx6-32cj-jfbp
7
vulnerability VCID-wptr-hkjx-s7c3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2
aliases CVE-2021-25122, GHSA-j39c-c8hj-x4j3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ne-75ck-eqcr
23
url VCID-v7tp-1t4h-zqeg
vulnerability_id VCID-v7tp-1t4h-zqeg
summary 
When using the RemoteIpFilter with requests received from a    reverse proxy via HTTP that include the X-Forwarded-Proto    header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.

Older, EOL versions may also be affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28708.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28708
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.24972
published_at 2026-04-08T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.2509
published_at 2026-04-02T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.25128
published_at 2026-04-04T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.24903
published_at 2026-04-07T12:55:00Z
4
value 0.00101
scoring_system epss
scoring_elements 0.27455
published_at 2026-05-14T12:55:00Z
5
value 0.00101
scoring_system epss
scoring_elements 0.27362
published_at 2026-05-11T12:55:00Z
6
value 0.00101
scoring_system epss
scoring_elements 0.27444
published_at 2026-05-09T12:55:00Z
7
value 0.00101
scoring_system epss
scoring_elements 0.27717
published_at 2026-04-24T12:55:00Z
8
value 0.00101
scoring_system epss
scoring_elements 0.27773
published_at 2026-04-21T12:55:00Z
9
value 0.00101
scoring_system epss
scoring_elements 0.27815
published_at 2026-04-18T12:55:00Z
10
value 0.00101
scoring_system epss
scoring_elements 0.27837
published_at 2026-04-16T12:55:00Z
11
value 0.00101
scoring_system epss
scoring_elements 0.27831
published_at 2026-04-13T12:55:00Z
12
value 0.00101
scoring_system epss
scoring_elements 0.2789
published_at 2026-04-12T12:55:00Z
13
value 0.00101
scoring_system epss
scoring_elements 0.27932
published_at 2026-04-11T12:55:00Z
14
value 0.00101
scoring_system epss
scoring_elements 0.27931
published_at 2026-04-09T12:55:00Z
15
value 0.00101
scoring_system epss
scoring_elements 0.27449
published_at 2026-05-16T12:55:00Z
16
value 0.00101
scoring_system epss
scoring_elements 0.27472
published_at 2026-05-15T12:55:00Z
17
value 0.00101
scoring_system epss
scoring_elements 0.27377
published_at 2026-05-12T12:55:00Z
18
value 0.00101
scoring_system epss
scoring_elements 0.27422
published_at 2026-05-07T12:55:00Z
19
value 0.00101
scoring_system epss
scoring_elements 0.27361
published_at 2026-05-05T12:55:00Z
20
value 0.00101
scoring_system epss
scoring_elements 0.27533
published_at 2026-04-29T12:55:00Z
21
value 0.00101
scoring_system epss
scoring_elements 0.27608
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28708
2
reference_url https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
6
reference_url https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
7
reference_url https://github.com/apache/tomcat/commit/c64d496dda1560b5df113be55fbfaefec349b50f
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c64d496dda1560b5df113be55fbfaefec349b50f
8
reference_url https://github.com/apache/tomcat/commit/f509bbf31fc00abe3d9f25ebfabca5e05173da5b
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f509bbf31fc00abe3d9f25ebfabca5e05173da5b
9
reference_url https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T14:33:37Z/
url https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
10
reference_url https://security.netapp.com/advisory/ntap-20230331-0012
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230331-0012
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
13
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
14
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2180856
reference_id 2180856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2180856
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28708
reference_id CVE-2023-28708
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28708
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-28708
reference_id CVE-2023-28708
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-28708
18
reference_url https://github.com/advisories/GHSA-2c9m-w27f-53rm
reference_id GHSA-2c9m-w27f-53rm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2c9m-w27f-53rm
19
reference_url https://access.redhat.com/errata/RHSA-2023:4909
reference_id RHSA-2023:4909
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4909
20
reference_url https://access.redhat.com/errata/RHSA-2023:4910
reference_id RHSA-2023:4910
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4910
21
reference_url https://access.redhat.com/errata/RHSA-2023:6570
reference_id RHSA-2023:6570
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6570
22
reference_url https://access.redhat.com/errata/RHSA-2023:7065
reference_id RHSA-2023:7065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7065
23
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
24
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.86
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.86
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-5781-s1ny-q7ey
2
vulnerability VCID-6kcx-vptm-zbds
3
vulnerability VCID-cfhw-vmcp-y3bc
4
vulnerability VCID-fpgj-82wf-ykbw
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-j6cj-ftyd-3ffa
7
vulnerability VCID-vsdf-4tfj-uybe
8
vulnerability VCID-xgr8-tpv5-q3b2
9
vulnerability VCID-xqjr-7xfw-mbh2
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.86
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.72
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.72
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-6kcx-vptm-zbds
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-vsdf-4tfj-uybe
11
vulnerability VCID-xgr8-tpv5-q3b2
12
vulnerability VCID-xqjr-7xfw-mbh2
13
vulnerability VCID-yrzk-1dbk-muhy
14
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.72
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.6
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-74tx-sx8a-guhs
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-j6cj-ftyd-3ffa
10
vulnerability VCID-vsdf-4tfj-uybe
11
vulnerability VCID-xgr8-tpv5-q3b2
12
vulnerability VCID-xqjr-7xfw-mbh2
13
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.6
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-8e1c-rbkg-v7c2
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-xgr8-tpv5-q3b2
10
vulnerability VCID-xqjr-7xfw-mbh2
11
vulnerability VCID-yrzk-1dbk-muhy
12
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0
aliases CVE-2023-28708, GHSA-2c9m-w27f-53rm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7tp-1t4h-zqeg
24
url VCID-vsdf-4tfj-uybe
vulnerability_id VCID-vsdf-4tfj-uybe
summary 
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Other, older, EOL versions may also be affected.

Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24549.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24549.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-24549
reference_id
reference_type
scores
0
value 0.6439
scoring_system epss
scoring_elements 0.98441
published_at 2026-04-07T12:55:00Z
1
value 0.6439
scoring_system epss
scoring_elements 0.98446
published_at 2026-04-09T12:55:00Z
2
value 0.6439
scoring_system epss
scoring_elements 0.98445
published_at 2026-04-08T12:55:00Z
3
value 0.6439
scoring_system epss
scoring_elements 0.98439
published_at 2026-04-04T12:55:00Z
4
value 0.6439
scoring_system epss
scoring_elements 0.98469
published_at 2026-05-15T12:55:00Z
5
value 0.6439
scoring_system epss
scoring_elements 0.98465
published_at 2026-05-12T12:55:00Z
6
value 0.6439
scoring_system epss
scoring_elements 0.98466
published_at 2026-05-09T12:55:00Z
7
value 0.6439
scoring_system epss
scoring_elements 0.98463
published_at 2026-05-11T12:55:00Z
8
value 0.6439
scoring_system epss
scoring_elements 0.98459
published_at 2026-04-26T12:55:00Z
9
value 0.6439
scoring_system epss
scoring_elements 0.98458
published_at 2026-04-29T12:55:00Z
10
value 0.6439
scoring_system epss
scoring_elements 0.98453
published_at 2026-04-18T12:55:00Z
11
value 0.6439
scoring_system epss
scoring_elements 0.98436
published_at 2026-04-02T12:55:00Z
12
value 0.6439
scoring_system epss
scoring_elements 0.98454
published_at 2026-04-21T12:55:00Z
13
value 0.6439
scoring_system epss
scoring_elements 0.98449
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-24549
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0cac540a882220231ba7a82330483cbd5f6b1f96
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0cac540a882220231ba7a82330483cbd5f6b1f96
5
reference_url https://github.com/apache/tomcat/commit/810f49d5ff6d64b704af85d5b8d0aab9ec3c83f5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/810f49d5ff6d64b704af85d5b8d0aab9ec3c83f5
6
reference_url https://github.com/apache/tomcat/commit/8e03be9f2698f2da9027d40b9e9c0c9429b74dc0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8e03be9f2698f2da9027d40b9e9c0c9429b74dc0
7
reference_url https://github.com/apache/tomcat/commit/d07c82194edb69d99b438828fe2cbfadbb207843
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d07c82194edb69d99b438828fe2cbfadbb207843
8
reference_url https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T15:00:56Z/
url https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg
9
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-24549
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-24549
13
reference_url https://security.netapp.com/advisory/ntap-20240402-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240402-0002
14
reference_url http://www.openwall.com/lists/oss-security/2024/03/13/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/03/13/3
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066878
reference_id 1066878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066878
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2269607
reference_id 2269607
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2269607
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24549
reference_id CVE-2024-24549
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24549
18
reference_url https://github.com/advisories/GHSA-7w75-32cg-r6g2
reference_id GHSA-7w75-32cg-r6g2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7w75-32cg-r6g2
19
reference_url https://access.redhat.com/errata/RHSA-2024:1318
reference_id RHSA-2024:1318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1318
20
reference_url https://access.redhat.com/errata/RHSA-2024:1319
reference_id RHSA-2024:1319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1319
21
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
22
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
23
reference_url https://access.redhat.com/errata/RHSA-2024:3307
reference_id RHSA-2024:3307
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3307
24
reference_url https://access.redhat.com/errata/RHSA-2024:3308
reference_id RHSA-2024:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3308
25
reference_url https://access.redhat.com/errata/RHSA-2024:3666
reference_id RHSA-2024:3666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3666
26
reference_url https://access.redhat.com/errata/RHSA-2024:3814
reference_id RHSA-2024:3814
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3814
27
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.99
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.99
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cag-c4pb-dfaz
1
vulnerability VCID-cfhw-vmcp-y3bc
2
vulnerability VCID-fpgj-82wf-ykbw
3
vulnerability VCID-gyed-x6s8-ybhr
4
vulnerability VCID-xqjr-7xfw-mbh2
5
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.99
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.86
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.86
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-yrzk-1dbk-muhy
10
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.86
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.19
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-cfhw-vmcp-y3bc
5
vulnerability VCID-d1fm-vbd1-n7au
6
vulnerability VCID-fpgj-82wf-ykbw
7
vulnerability VCID-gyed-x6s8-ybhr
8
vulnerability VCID-xqjr-7xfw-mbh2
9
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.19
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M17
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-2rmy-13ym-3bgm
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-74tx-sx8a-guhs
4
vulnerability VCID-8e1c-rbkg-v7c2
5
vulnerability VCID-cfhw-vmcp-y3bc
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-fpgj-82wf-ykbw
8
vulnerability VCID-gyed-x6s8-ybhr
9
vulnerability VCID-v7tp-1t4h-zqeg
10
vulnerability VCID-xqjr-7xfw-mbh2
11
vulnerability VCID-yrzk-1dbk-muhy
12
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M17
aliases CVE-2024-24549, GHSA-7w75-32cg-r6g2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsdf-4tfj-uybe
25
url VCID-xqjr-7xfw-mbh2
vulnerability_id VCID-xqjr-7xfw-mbh2
summary 
Relative Path Traversal vulnerability in Apache Tomcat.

The fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to the       URL, an attacker could manipulate the request URI to bypass security       constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.



This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.

The following versions were EOL at the time the CVE was created but are 
known to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29161
published_at 2026-05-07T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.29119
published_at 2026-05-12T12:55:00Z
2
value 0.00112
scoring_system epss
scoring_elements 0.29099
published_at 2026-05-11T12:55:00Z
3
value 0.00112
scoring_system epss
scoring_elements 0.29176
published_at 2026-05-09T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31081
published_at 2026-04-29T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.30933
published_at 2026-05-05T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31286
published_at 2026-04-24T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31161
published_at 2026-04-26T12:55:00Z
8
value 0.00124
scoring_system epss
scoring_elements 0.31592
published_at 2026-04-21T12:55:00Z
9
value 0.00143
scoring_system epss
scoring_elements 0.3421
published_at 2026-05-14T12:55:00Z
10
value 0.00143
scoring_system epss
scoring_elements 0.34227
published_at 2026-05-15T12:55:00Z
11
value 0.00144
scoring_system epss
scoring_elements 0.34655
published_at 2026-04-13T12:55:00Z
12
value 0.00167
scoring_system epss
scoring_elements 0.37913
published_at 2026-04-18T12:55:00Z
13
value 0.00167
scoring_system epss
scoring_elements 0.37922
published_at 2026-04-08T12:55:00Z
14
value 0.00167
scoring_system epss
scoring_elements 0.37934
published_at 2026-04-16T12:55:00Z
15
value 0.00167
scoring_system epss
scoring_elements 0.3795
published_at 2026-04-11T12:55:00Z
16
value 0.00167
scoring_system epss
scoring_elements 0.37914
published_at 2026-04-12T12:55:00Z
17
value 0.00169
scoring_system epss
scoring_elements 0.38046
published_at 2026-04-07T12:55:00Z
18
value 0.0017
scoring_system epss
scoring_elements 0.38312
published_at 2026-04-02T12:55:00Z
19
value 0.0017
scoring_system epss
scoring_elements 0.38337
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
5
reference_url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
6
reference_url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
7
reference_url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-28T03:56:06Z/
url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
8
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
9
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
10
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
11
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/4
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
reference_id 2406591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
reference_id CVE-2025-55752-DETECT-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
16
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
reference_id CVE-2025-55752-MITIGATE-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
17
reference_url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
reference_id GHSA-wmwf-9ccg-fff5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
18
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
19
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
20
reference_url https://access.redhat.com/errata/RHSA-2025:22924
reference_id RHSA-2025:22924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22924
21
reference_url https://access.redhat.com/errata/RHSA-2025:22925
reference_id RHSA-2025:22925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22925
22
reference_url https://access.redhat.com/errata/RHSA-2025:23044
reference_id RHSA-2025:23044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23044
23
reference_url https://access.redhat.com/errata/RHSA-2025:23045
reference_id RHSA-2025:23045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23045
24
reference_url https://access.redhat.com/errata/RHSA-2025:23046
reference_id RHSA-2025:23046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23046
25
reference_url https://access.redhat.com/errata/RHSA-2025:23047
reference_id RHSA-2025:23047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23047
26
reference_url https://access.redhat.com/errata/RHSA-2025:23048
reference_id RHSA-2025:23048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23048
27
reference_url https://access.redhat.com/errata/RHSA-2025:23049
reference_id RHSA-2025:23049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23049
28
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
29
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
30
reference_url https://access.redhat.com/errata/RHSA-2025:23052
reference_id RHSA-2025:23052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23052
31
reference_url https://access.redhat.com/errata/RHSA-2025:23053
reference_id RHSA-2025:23053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23053
32
reference_url https://access.redhat.com/errata/RHSA-2025:23225
reference_id RHSA-2025:23225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23225
33
reference_url https://access.redhat.com/errata/RHSA-2026:0292
reference_id RHSA-2026:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0292
34
reference_url https://access.redhat.com/errata/RHSA-2026:0293
reference_id RHSA-2026:0293
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0293
35
reference_url https://access.redhat.com/errata/RHSA-2026:2724
reference_id RHSA-2026:2724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2724
36
reference_url https://access.redhat.com/errata/RHSA-2026:2725
reference_id RHSA-2026:2725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2725
37
reference_url https://access.redhat.com/errata/RHSA-2026:2726
reference_id RHSA-2026:2726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2726
38
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
39
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-74tx-sx8a-guhs
3
vulnerability VCID-8e1c-rbkg-v7c2
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-yrzk-1dbk-muhy
7
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.109
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-74tx-sx8a-guhs
3
vulnerability VCID-8e1c-rbkg-v7c2
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.45
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rmy-13ym-3bgm
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-74tx-sx8a-guhs
3
vulnerability VCID-8e1c-rbkg-v7c2
4
vulnerability VCID-d1fm-vbd1-n7au
5
vulnerability VCID-gyed-x6s8-ybhr
6
vulnerability VCID-yrzk-1dbk-muhy
7
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.11
aliases CVE-2025-55752, GHSA-wmwf-9ccg-fff5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqjr-7xfw-mbh2
26
url VCID-yfx4-4gsc-2kgh
vulnerability_id VCID-yfx4-4gsc-2kgh
summary In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
reference_id
reference_type
scores
0
value 0.01366
scoring_system epss
scoring_elements 0.80227
published_at 2026-04-21T12:55:00Z
1
value 0.01366
scoring_system epss
scoring_elements 0.80213
published_at 2026-04-11T12:55:00Z
2
value 0.01366
scoring_system epss
scoring_elements 0.80194
published_at 2026-04-13T12:55:00Z
3
value 0.01366
scoring_system epss
scoring_elements 0.80186
published_at 2026-04-08T12:55:00Z
4
value 0.01366
scoring_system epss
scoring_elements 0.80158
published_at 2026-04-07T12:55:00Z
5
value 0.01366
scoring_system epss
scoring_elements 0.80169
published_at 2026-04-04T12:55:00Z
6
value 0.01366
scoring_system epss
scoring_elements 0.80149
published_at 2026-04-02T12:55:00Z
7
value 0.01366
scoring_system epss
scoring_elements 0.80142
published_at 2026-04-01T12:55:00Z
8
value 0.01366
scoring_system epss
scoring_elements 0.80342
published_at 2026-05-12T12:55:00Z
9
value 0.01366
scoring_system epss
scoring_elements 0.80326
published_at 2026-05-11T12:55:00Z
10
value 0.01366
scoring_system epss
scoring_elements 0.8033
published_at 2026-05-09T12:55:00Z
11
value 0.01366
scoring_system epss
scoring_elements 0.80313
published_at 2026-05-07T12:55:00Z
12
value 0.01366
scoring_system epss
scoring_elements 0.80291
published_at 2026-05-05T12:55:00Z
13
value 0.01366
scoring_system epss
scoring_elements 0.80276
published_at 2026-04-29T12:55:00Z
14
value 0.01366
scoring_system epss
scoring_elements 0.8026
published_at 2026-04-26T12:55:00Z
15
value 0.01366
scoring_system epss
scoring_elements 0.80253
published_at 2026-04-24T12:55:00Z
16
value 0.01366
scoring_system epss
scoring_elements 0.80224
published_at 2026-04-18T12:55:00Z
17
value 0.01366
scoring_system epss
scoring_elements 0.80223
published_at 2026-04-16T12:55:00Z
18
value 0.01366
scoring_system epss
scoring_elements 0.802
published_at 2026-04-12T12:55:00Z
19
value 0.01382
scoring_system epss
scoring_elements 0.80501
published_at 2026-05-16T12:55:00Z
20
value 0.01382
scoring_system epss
scoring_elements 0.80492
published_at 2026-05-14T12:55:00Z
21
value 0.01382
scoring_system epss
scoring_elements 0.80497
published_at 2026-05-15T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
3
reference_url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
4
reference_url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
5
reference_url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
6
reference_url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
16
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
18
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
19
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
20
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
21
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
22
reference_url https://www.debian.org/security/2020/dsa-4673
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4673
23
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4680
24
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
25
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
26
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
reference_id 1806835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
29
reference_url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
reference_id GHSA-qxf4-chvg-4r8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
30
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
31
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
32
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
33
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
34
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
35
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
36
reference_url https://access.redhat.com/errata/RHSA-2020:5020
reference_id RHSA-2020:5020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5020
37
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
38
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-46bv-6b7y-3bca
1
vulnerability VCID-4cag-c4pb-dfaz
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-66kh-s6cr-tqf9
4
vulnerability VCID-a8gk-n8bq-87cp
5
vulnerability VCID-ayrd-8ntf-hkh3
6
vulnerability VCID-dy6m-zt6r-9ubd
7
vulnerability VCID-dzan-r49k-kqab
8
vulnerability VCID-fpgj-82wf-ykbw
9
vulnerability VCID-gyed-x6s8-ybhr
10
vulnerability VCID-j6cj-ftyd-3ffa
11
vulnerability VCID-j8tk-s915-pbfy
12
vulnerability VCID-k9cg-ehdw-dbh6
13
vulnerability VCID-kwab-3s4q-eka4
14
vulnerability VCID-n3ab-nk7c-hqc9
15
vulnerability VCID-nmq2-8ysj-4fbc
16
vulnerability VCID-p8q2-pt96-5ye8
17
vulnerability VCID-qkx6-32cj-jfbp
18
vulnerability VCID-ran8-rnqn-tkbc
19
vulnerability VCID-t2ne-75ck-eqcr
20
vulnerability VCID-v7tp-1t4h-zqeg
21
vulnerability VCID-vsdf-4tfj-uybe
22
vulnerability VCID-xqjr-7xfw-mbh2
23
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1e6p-cppr-2bh2
1
vulnerability VCID-46bv-6b7y-3bca
2
vulnerability VCID-4cag-c4pb-dfaz
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-66kh-s6cr-tqf9
5
vulnerability VCID-a8gk-n8bq-87cp
6
vulnerability VCID-d1fm-vbd1-n7au
7
vulnerability VCID-dy6m-zt6r-9ubd
8
vulnerability VCID-dzan-r49k-kqab
9
vulnerability VCID-e7kd-kk57-mkd6
10
vulnerability VCID-fpgj-82wf-ykbw
11
vulnerability VCID-gyed-x6s8-ybhr
12
vulnerability VCID-j6cj-ftyd-3ffa
13
vulnerability VCID-j8tk-s915-pbfy
14
vulnerability VCID-kwab-3s4q-eka4
15
vulnerability VCID-n3ab-nk7c-hqc9
16
vulnerability VCID-nmq2-8ysj-4fbc
17
vulnerability VCID-p8q2-pt96-5ye8
18
vulnerability VCID-qkx6-32cj-jfbp
19
vulnerability VCID-ran8-rnqn-tkbc
20
vulnerability VCID-t2ne-75ck-eqcr
21
vulnerability VCID-v7tp-1t4h-zqeg
22
vulnerability VCID-vsdf-4tfj-uybe
23
vulnerability VCID-xqjr-7xfw-mbh2
24
vulnerability VCID-yrzk-1dbk-muhy
25
vulnerability VCID-zw2q-kna8-mqcm
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31
aliases CVE-2020-1935, GHSA-qxf4-chvg-4r8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfx4-4gsc-2kgh
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.27