Package Instance

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1

reference_url

https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13

reference_url

https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb

reference_url

https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc

reference_url

https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/

url

https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/

url

http://www.openwall.com/lists/oss-security/2022/09/28/1

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/

url

http://www.openwall.com/lists/oss-security/2022/09/28/1

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980

reference_id

CVE-2021-43980

reference_type

scores

value	High
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-43980

reference_id

CVE-2021-43980

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-43980

reference_url

https://github.com/advisories/GHSA-jx7c-7mj5-9438

reference_id

GHSA-jx7c-7mj5-9438

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jx7c-7mj5-9438

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.78

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.62

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8x5-hzkb-vuf4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

aliases CVE-2021-43980, GHSA-jx7c-7mj5-9438

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2kta-z43d-2uhm

url VCID-3gvy-wdjq-wkbn

vulnerability_id VCID-3gvy-wdjq-wkbn

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25762

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.71045
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25762

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c

reference_url	https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99

reference_url	https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015

reference_url	https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183

reference_url	https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc

reference_url	https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c

reference_url

https://security.netapp.com/advisory/ntap-20220629-0003

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220629-0003

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762

reference_id

CVE-2022-25762

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25762

reference_id

CVE-2022-25762

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25762

reference_url	https://github.com/advisories/GHSA-h3ch-5pp2-vh6w
reference_id	GHSA-h3ch-5pp2-vh6w
reference_type
scores
url	https://github.com/advisories/GHSA-h3ch-5pp2-vh6w

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.75

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

aliases CVE-2022-25762, GHSA-h3ch-5pp2-vh6w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gvy-wdjq-wkbn

url VCID-4pgx-mk91-xyba

vulnerability_id VCID-4pgx-mk91-xyba

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29885

reference_id

reference_type

scores

value	0.55532
scoring_system	epss
scoring_elements	0.98117
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29885

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d

reference_url

https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91

reference_url

https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890

reference_url

https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48

reference_url

https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html

reference_url

https://security.netapp.com/advisory/ntap-20220629-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220629-0002

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885

reference_id

CVE-2022-29885

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py
reference_id	CVE-2022-29885
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-29885

reference_id

CVE-2022-29885

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-29885

reference_url

https://github.com/advisories/GHSA-r84p-88g2-2vx2

reference_id

GHSA-r84p-88g2-2vx2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r84p-88g2-2vx2

reference_url	https://usn.ubuntu.com/6943-1/
reference_id	USN-6943-1
reference_type
scores
url	https://usn.ubuntu.com/6943-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8x5-hzkb-vuf4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

aliases CVE-2022-29885, GHSA-r84p-88g2-2vx2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4pgx-mk91-xyba

url VCID-579s-dxd6-f3ek

vulnerability_id VCID-579s-dxd6-f3ek

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-30640

reference_id

reference_type

scores

value	0.00123
scoring_system	epss
scoring_elements	0.31039
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-30640

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100

reference_url	https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f

reference_url	https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c

reference_url	https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0

reference_url	https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945

reference_url	https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7

reference_url	https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe

reference_url	https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38

reference_url	https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434

reference_url	https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b

reference_url	https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89

reference_url	https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56

reference_url	https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375

reference_url	https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43

reference_url	https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b

reference_url	https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef

reference_url	https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb

reference_url	https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e

reference_url	https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822

reference_url	https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972

reference_url	https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667

reference_url	https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9

reference_url	https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862

reference_url	https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51

reference_url	https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6

reference_url

https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210827-0007

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210827-0007

reference_url	https://security.netapp.com/advisory/ntap-20210827-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210827-0007/

reference_url

https://www.debian.org/security/2021/dsa-4952

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4952

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
reference_id	991046
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640

reference_id

CVE-2021-30640

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-30640

reference_id

CVE-2021-30640

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-30640

reference_url

https://github.com/advisories/GHSA-36qh-35cm-5w2w

reference_id

GHSA-36qh-35cm-5w2w

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-36qh-35cm-5w2w

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6

aliases CVE-2021-30640, GHSA-36qh-35cm-5w2w

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-579s-dxd6-f3ek

url VCID-7duy-zbjz-pkh2

vulnerability_id VCID-7duy-zbjz-pkh2

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25329

reference_id

reference_type

scores

value	0.00802
scoring_system	epss
scoring_elements	0.74392
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25329

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4

reference_url	https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4

reference_url	https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5

reference_url	https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35

reference_url

https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25329

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25329

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210409-0002

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210409-0002

reference_url	https://security.netapp.com/advisory/ntap-20210409-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210409-0002/

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

http://www.openwall.com/lists/oss-security/2021/03/01/2

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/01/2

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329

reference_id

CVE-2021-25329

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329

reference_url

https://github.com/advisories/GHSA-jgwr-3qm3-26f3

reference_id

GHSA-jgwr-3qm3-26f3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jgwr-3qm3-26f3

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

reference_url	https://usn.ubuntu.com/6908-1/
reference_id	USN-6908-1
reference_type
scores
url	https://usn.ubuntu.com/6908-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.61

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.41

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

aliases CVE-2021-25329, GHSA-jgwr-3qm3-26f3

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7duy-zbjz-pkh2

url VCID-8vwz-e3je-nyfn

vulnerability_id VCID-8vwz-e3je-nyfn

summary denial of service

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13934

reference_id

reference_type

scores

value	0.2338
scoring_system	epss
scoring_elements	0.96052
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13934

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

reference_url	https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399

reference_url	https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e

reference_url	https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://security.archlinux.org/AVG-1205

reference_id

AVG-1205

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1205

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934

reference_id

CVE-2020-13934

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-13934

reference_id

CVE-2020-13934

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-13934

reference_url

https://github.com/advisories/GHSA-vf77-8h7g-gghp

reference_id

GHSA-vf77-8h7g-gghp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vf77-8h7g-gghp

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.57

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.37

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

aliases CVE-2020-13934, GHSA-vf77-8h7g-gghp

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vwz-e3je-nyfn

url VCID-cvz2-m9hs-7ker

vulnerability_id VCID-cvz2-m9hs-7ker

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17563

reference_id

reference_type

scores

value	0.04359
scoring_system	epss
scoring_elements	0.89121
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E

reference_url	https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652

reference_url	https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url	https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200107-0001/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4251-1/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563

reference_id

CVE-2019-17563

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17563

reference_id

CVE-2019-17563

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17563

reference_url

https://github.com/advisories/GHSA-9xcj-c8cr-8c3c

reference_id

GHSA-9xcj-c8cr-8c3c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9xcj-c8cr-8c3c

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-jsuj-n9ym-bfdf

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.50

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-jsuj-n9ym-bfdf

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.30

aliases CVE-2019-17563, GHSA-9xcj-c8cr-8c3c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvz2-m9hs-7ker

url VCID-f5cj-hyb5-6bd1

vulnerability_id VCID-f5cj-hyb5-6bd1

summary arbitrary code execution

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html

reference_url

http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9484

reference_id

reference_type

scores

value	0.93464
scoring_system	epss
scoring_elements	0.99829
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9484

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1171928

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.suse.com/show_bug.cgi?id=1171928

reference_url

http://seclists.org/fulldisclosure/2020/Jun/6

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2020/Jun/6

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222.patch

reference_url	https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222.patch

reference_url

https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453

reference_url	https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06

reference_url

https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4

reference_url

https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5

reference_url

https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35

reference_url

https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b

reference_url	https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f

reference_url

https://kc.mcafee.com/corporate/index?page=content&id=SB10332

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://kc.mcafee.com/corporate/index?page=content&id=SB10332

reference_url

https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7bc247fffcb1d58415215c861d2354bd653c86266230d78a93c71ae2@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7bc247fffcb1d58415215c861d2354bd653c86266230d78a93c71ae2@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8dd19c514face6dd85fd4eab0271854883f40c7307926c1f7cd5400c@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8dd19c514face6dd85fd4eab0271854883f40c7307926c1f7cd5400c@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raa4123e472175bb052fbba165d37187cea923f755e8f3f30d124cb3f@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raa4123e472175bb052fbba165d37187cea923f755e8f3f30d124cb3f@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc1778b38e74b5b6142414d57623bd55b023a72361f422836782fca3c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc1778b38e74b5b6142414d57623bd55b023a72361f422836782fca3c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc8473b08abdf3c16494ed817bec1717a0ee0c8080315bc27db5f21c3@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc8473b08abdf3c16494ed817bec1717a0ee0c8080315bc27db5f21c3@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/05/msg00020.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/05/msg00020.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIQHXENTLYUNOES4LXVNJ2NCUQQRF5VJ

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIQHXENTLYUNOES4LXVNJ2NCUQQRF5VJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJ7XHKWJWDNWXUJH6UB7CLIW4TWOZ26N

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJ7XHKWJWDNWXUJH6UB7CLIW4TWOZ26N

reference_url

https://security.gentoo.org/glsa/202006-21

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202006-21

reference_url

https://security.netapp.com/advisory/ntap-20200528-0005

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200528-0005

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

http://www.openwall.com/lists/oss-security/2021/03/01/2

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/01/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209
reference_id	961209
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209

reference_url	https://security.archlinux.org/ASA-202006-7
reference_id	ASA-202006-7
reference_type
scores
url	https://security.archlinux.org/ASA-202006-7

reference_url

https://security.archlinux.org/AVG-1171

reference_id

AVG-1171

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1171

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484

reference_id

CVE-2020-9484

reference_type

scores

value	High
scoring_system	apache_tomcat
scoring_elements

value	Important
scoring_system	apache_tomcat
scoring_elements

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-9484

reference_id

CVE-2020-9484

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-9484

reference_url

https://github.com/advisories/GHSA-344f-f5vg-2jfj

reference_id

GHSA-344f-f5vg-2jfj

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-344f-f5vg-2jfj

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

reference_url	https://usn.ubuntu.com/6908-1/
reference_id	USN-6908-1
reference_type
scores
url	https://usn.ubuntu.com/6908-1/

reference_url	https://usn.ubuntu.com/6943-1/
reference_id	USN-6943-1
reference_type
scores
url	https://usn.ubuntu.com/6943-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.55

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.35

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g8re-u2zv-t7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M5

aliases CVE-2020-9484, GHSA-344f-f5vg-2jfj

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5cj-hyb5-6bd1

url VCID-g11a-wp5s-2qdh

vulnerability_id VCID-g11a-wp5s-2qdh

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12418

reference_id

reference_type

scores

value	0.00481
scoring_system	epss
scoring_elements	0.65437
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12418

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3

reference_url	https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00

reference_url	https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b

reference_url

https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url	https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200107-0001/

reference_url

https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4251-1/

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418

reference_id

CVE-2019-12418

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-12418

reference_id

CVE-2019-12418

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-12418

reference_url

https://github.com/advisories/GHSA-hh3j-x4mc-g48r

reference_id

GHSA-hh3j-x4mc-g48r

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hh3j-x4mc-g48r

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-jsuj-n9ym-bfdf

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.49

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-jsuj-n9ym-bfdf

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.29

aliases CVE-2019-12418, GHSA-hh3j-x4mc-g48r

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g11a-wp5s-2qdh

url VCID-g8re-u2zv-t7ep

vulnerability_id VCID-g8re-u2zv-t7ep

summary information disclosure

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-24122

reference_id

reference_type

scores

value	0.61383
scoring_system	epss
scoring_elements	0.98346
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-24122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2

reference_url

https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177

reference_url

https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9

reference_url

https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533

reference_url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-24122

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-24122

reference_url

https://security.netapp.com/advisory/ntap-20210212-0008

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210212-0008

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

http://www.openwall.com/lists/oss-security/2021/01/14/1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/01/14/1

reference_url

https://security.archlinux.org/AVG-1452

reference_id

AVG-1452

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1452

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

reference_id

CVE-2021-24122

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

reference_url

https://github.com/advisories/GHSA-2rvv-w9r2-rg7m

reference_id

GHSA-2rvv-w9r2-rg7m

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2rvv-w9r2-rg7m

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0-M10

aliases CVE-2021-24122, GHSA-2rvv-w9r2-rg7m

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8re-u2zv-t7ep

url VCID-gq7b-ee2j-6kb4

vulnerability_id VCID-gq7b-ee2j-6kb4

summary denial of service

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-11996

reference_id

reference_type

scores

value	0.45121
scoring_system	epss
scoring_elements	0.97655
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-11996

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509

reference_url

https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976

reference_url

https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552

reference_url

https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_url

https://security.netapp.com/advisory/ntap-20200709-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200709-0002

reference_url	https://security.netapp.com/advisory/ntap-20200709-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200709-0002/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4596-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4596-1/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://security.archlinux.org/AVG-1196

reference_id

AVG-1196

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1196

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996

reference_id

CVE-2020-11996

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-11996

reference_id

CVE-2020-11996

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-11996

reference_url

https://github.com/advisories/GHSA-53hp-jpwq-2jgq

reference_id

GHSA-53hp-jpwq-2jgq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-53hp-jpwq-2jgq

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.56

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.36

aliases CVE-2020-11996, GHSA-53hp-jpwq-2jgq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gq7b-ee2j-6kb4

url VCID-rcd8-dg2e-3keh

vulnerability_id VCID-rcd8-dg2e-3keh

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25122

reference_id

reference_type

scores

value	0.02775
scoring_system	epss
scoring_elements	0.86305
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa

reference_url	https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1

reference_url	https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b

reference_url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-25122

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-25122

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210409-0002

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210409-0002

reference_url	https://security.netapp.com/advisory/ntap-20210409-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210409-0002/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

http://www.openwall.com/lists/oss-security/2021/03/01/1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/03/01/1

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122

reference_id

CVE-2021-25122

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122

reference_url

https://github.com/advisories/GHSA-j39c-c8hj-x4j3

reference_id

GHSA-j39c-c8hj-x4j3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j39c-c8hj-x4j3

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

reference_url	https://usn.ubuntu.com/6943-1/
reference_id	USN-6943-1
reference_type
scores
url	https://usn.ubuntu.com/6943-1/

fixed_packages

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.62

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.63

url	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42
purl	pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.42

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.43

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

aliases CVE-2021-25122, GHSA-j39c-c8hj-x4j3

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rcd8-dg2e-3keh

url VCID-vayx-r1yd-yfcx

vulnerability_id VCID-vayx-r1yd-yfcx

summary information disclosure

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-17527

reference_id

reference_type

scores

value	0.10506
scoring_system	epss
scoring_elements	0.93378
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-17527

reference_url

https://bz.apache.org/bugzilla/show_bug.cgi?id=64830

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bz.apache.org/bugzilla/show_bug.cgi?id=64830

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29

reference_url

https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb

reference_url

https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65

reference_url

https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html

reference_url

https://security.gentoo.org/glsa/202012-23

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202012-23

reference_url

https://security.netapp.com/advisory/ntap-20201210-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20201210-0003

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4835

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4835

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

http://www.openwall.com/lists/oss-security/2020/12/03/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/12/03/3

reference_url	https://security.archlinux.org/ASA-202012-3
reference_id	ASA-202012-3
reference_type
scores
url	https://security.archlinux.org/ASA-202012-3

reference_url

https://security.archlinux.org/AVG-1317

reference_id

AVG-1317

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1317

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527

reference_id

CVE-2020-17527

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-17527

reference_id

CVE-2020-17527

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-17527

reference_url

https://github.com/advisories/GHSA-vvw4-rfwf-p6hx

reference_id

GHSA-vvw4-rfwf-p6hx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vvw4-rfwf-p6hx

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.60

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mms-9rqw-xqhq

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-a8x5-hzkb-vuf4

vulnerability	VCID-h11m-szkg-p7c5

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.40

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2

aliases CVE-2020-17527, GHSA-vvw4-rfwf-p6hx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vayx-r1yd-yfcx

url VCID-wj1q-ry9z-33af

vulnerability_id VCID-wj1q-ry9z-33af

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-41079

reference_id

reference_type

scores

value	0.00103
scoring_system	epss
scoring_elements	0.27843
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-41079

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0

reference_url	https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822

reference_url	https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8

reference_url

https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html

reference_url

https://security.netapp.com/advisory/ntap-20211008-0005

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211008-0005

reference_url	https://security.netapp.com/advisory/ntap-20211008-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20211008-0005/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079

reference_url

reference_id

CVE-2021-41079

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-41079

reference_id

CVE-2021-41079

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-41079

reference_url

https://github.com/advisories/GHSA-59g9-7gfx-c72p

reference_id

GHSA-59g9-7gfx-c72p

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-59g9-7gfx-c72p

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

reference_url	https://usn.ubuntu.com/6943-1/
reference_id	USN-6943-1
reference_type
scores
url	https://usn.ubuntu.com/6943-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.64

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.44

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-5fj8-g5jf-wybu

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4

aliases CVE-2021-41079, GHSA-59g9-7gfx-c72p

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wj1q-ry9z-33af

url VCID-wtt7-38dy-gbec

vulnerability_id VCID-wtt7-38dy-gbec

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42252

reference_id

reference_type

scores

value	0.0029
scoring_system	epss
scoring_elements	0.52618
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42252

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920

reference_url

https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77

reference_url

https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a

reference_url

https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3

reference_url

https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/

url

https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq

reference_url

https://security.gentoo.org/glsa/202305-37

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/

url

https://security.gentoo.org/glsa/202305-37

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2141329
reference_id	2141329
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2141329

reference_url

reference_id

CVE-2022-42252

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42252

reference_id

CVE-2022-42252

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42252

reference_url

https://github.com/advisories/GHSA-p22x-g9px-3945

reference_id

GHSA-p22x-g9px-3945

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p22x-g9px-3945

reference_url	https://access.redhat.com/errata/RHSA-2023:1663
reference_id	RHSA-2023:1663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1663

reference_url	https://access.redhat.com/errata/RHSA-2023:1664
reference_id	RHSA-2023:1664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1664

reference_url	https://usn.ubuntu.com/6880-1/
reference_id	USN-6880-1
reference_type
scores
url	https://usn.ubuntu.com/6880-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8x5-hzkb-vuf4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.83

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8x5-hzkb-vuf4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.68

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5fj8-g5jf-wybu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8x5-hzkb-vuf4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1

aliases CVE-2022-42252, GHSA-p22x-g9px-3945

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wtt7-38dy-gbec

url VCID-zd9x-yf4u-eqgf

vulnerability_id VCID-zd9x-yf4u-eqgf

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1935

reference_id

reference_type

scores

value	0.01382
scoring_system	epss
scoring_elements	0.80613
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1935

reference_url	https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d

reference_url	https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26

reference_url	https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56

reference_url

https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

reference_url

https://security.netapp.com/advisory/ntap-20200327-0005

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200327-0005

reference_url	https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200327-0005/

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4673

reference_url	https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4448-1/

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2020/dsa-4673

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935

reference_id

CVE-2020-1935

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1935

reference_id

CVE-2020-1935

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1935

reference_url

https://github.com/advisories/GHSA-qxf4-chvg-4r8r

reference_id

GHSA-qxf4-chvg-4r8r

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qxf4-chvg-4r8r

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.51

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-9g9v-wsbr-hkde

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.31

aliases CVE-2020-1935, GHSA-qxf4-chvg-4r8r

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zd9x-yf4u-eqgf

Fixing_vulnerabilities

url VCID-a156-e8a1-pufm

vulnerability_id VCID-a156-e8a1-pufm

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html

reference_url

http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0221

reference_url

reference_id

reference_type

scores

value	0.14481
scoring_system	epss
scoring_elements	0.94555
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0221

reference_url

http://seclists.org/fulldisclosure/2019/May/50

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/May/50

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea

reference_url

https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e

reference_url

https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da

reference_url

https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html

reference_url

https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190606-0001

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190606-0001

reference_url	https://security.netapp.com/advisory/ntap-20190606-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190606-0001/

reference_url

https://support.f5.com/csp/article/K13184144?utm_source=f5support&amp%3Butm_medium=RSS

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K13184144?utm_source=f5support&amp%3Butm_medium=RSS

reference_url

https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4128-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4128-1/

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227055048/http://www.securityfocus.com/bid/108545

reference_url	https://usn.ubuntu.com/4128-2/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4128-2/

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227055048/http://www.securityfocus.com/bid/108545

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221

reference_url	https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/
reference_id
reference_type
scores
url	https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/

reference_url	http://www.securityfocus.com/bid/108545
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/108545

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929895
reference_id	929895
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929895

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221

reference_id

CVE-2019-0221

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50119.txt
reference_id	CVE-2019-0221
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50119.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0221

reference_id

CVE-2019-0221

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0221

reference_url

https://github.com/advisories/GHSA-jjpq-gp5q-8q6w

reference_id

GHSA-jjpq-gp5q-8q6w

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jjpq-gp5q-8q6w

reference_url	https://usn.ubuntu.com/6908-1/
reference_id	USN-6908-1
reference_type
scores
url	https://usn.ubuntu.com/6908-1/

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.94

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.94

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.94

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.17

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-bxhh-7y6z-vya3

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.17

aliases CVE-2019-0221, GHSA-jjpq-gp5q-8q6w

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a156-e8a1-pufm

url VCID-bxhh-7y6z-vya3

vulnerability_id VCID-bxhh-7y6z-vya3

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10072

reference_url

reference_id

reference_type

scores

value	0.713
scoring_system	epss
scoring_elements	0.98741
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10072

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35

reference_url

https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145

reference_url

https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758

reference_url

https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a

reference_url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20190625-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190625-0002

reference_url	https://security.netapp.com/advisory/ntap-20190625-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190625-0002/

reference_url

https://support.f5.com/csp/article/K17321505

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K17321505

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4128-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4128-1/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227033743/http://www.securityfocus.com/bid/108874

reference_url	https://usn.ubuntu.com/4128-2/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4128-2/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227033743/http://www.securityfocus.com/bid/108874

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://www.securityfocus.com/bid/108874
reference_id
reference_type
scores
url	https://www.securityfocus.com/bid/108874

reference_url

https://www.synology.com/security/advisory/Synology_SA_19_29

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.synology.com/security/advisory/Synology_SA_19_29

reference_url	http://www.securityfocus.com/bid/108874
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/108874

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931131
reference_id	931131
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931131

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072

reference_id

CVE-2019-10072

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10072

reference_id

CVE-2019-10072

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10072

reference_url

https://github.com/advisories/GHSA-q4hg-rmq2-52q9

reference_id

GHSA-q4hg-rmq2-52q9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q4hg-rmq2-52q9

fixed_packages

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.40

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-3gvy-wdjq-wkbn

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.41

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2kta-z43d-2uhm

vulnerability	VCID-4pgx-mk91-xyba

vulnerability	VCID-579s-dxd6-f3ek

vulnerability	VCID-7duy-zbjz-pkh2

vulnerability	VCID-8vwz-e3je-nyfn

vulnerability	VCID-cvz2-m9hs-7ker

vulnerability	VCID-f5cj-hyb5-6bd1

vulnerability	VCID-g11a-wp5s-2qdh

vulnerability	VCID-g8re-u2zv-t7ep

vulnerability	VCID-gq7b-ee2j-6kb4

vulnerability	VCID-phdk-vrzg-wkdg

vulnerability	VCID-rcd8-dg2e-3keh

vulnerability	VCID-vayx-r1yd-yfcx

vulnerability	VCID-wj1q-ry9z-33af

vulnerability	VCID-wtt7-38dy-gbec

vulnerability	VCID-zd9x-yf4u-eqgf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.20

aliases CVE-2019-10072, GHSA-q4hg-rmq2-52q9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bxhh-7y6z-vya3

url VCID-xqpc-truy-2fhv

vulnerability_id VCID-xqpc-truy-2fhv

summary

references

reference_url

http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html

reference_url

https://access.redhat.com/errata/RHSA-2019:1712

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:1712

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0232

reference_id

reference_type

scores

value	0.94221
scoring_system	epss
scoring_elements	0.99928
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0232

reference_url

https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat

reference_url	https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
reference_id
reference_type
scores
url	https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/

reference_url

https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html

reference_url

http://seclists.org/fulldisclosure/2019/May/4

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/May/4

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url