Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version7.0.109
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8.0.4
Latest_non_vulnerable_version11.0.18
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-dk58-p9py-rka9
vulnerability_id VCID-dk58-p9py-rka9
summary 
Improper Authentication
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the `LockOut Realm`.
references
0
reference_url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
reference_id CVE-2021-30640
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.66
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6
aliases CVE-2021-30640
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk58-p9py-rka9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109