Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@9.0.31
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version9.0.31
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.118
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-16sq-3qm1-kqb2
vulnerability_id VCID-16sq-3qm1-kqb2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45648.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45648.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45648
reference_id
reference_type
scores
0
value 0.62079
scoring_system epss
scoring_elements 0.98373
published_at 2026-06-11T12:55:00Z
1
value 0.62079
scoring_system epss
scoring_elements 0.98379
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45648
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0
5
reference_url https://github.com/apache/tomcat/commit/8ecff306507be8e4fd3adee1ae5de1ea6661a8f4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8ecff306507be8e4fd3adee1ae5de1ea6661a8f4
6
reference_url https://github.com/apache/tomcat/commit/c83fe47725f7ae9ae213568d9039171124fb7ec6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c83fe47725f7ae9ae213568d9039171124fb7ec6
7
reference_url https://github.com/apache/tomcat/commit/eb5c094e5560764cda436362254997511a3ca1f6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/eb5c094e5560764cda436362254997511a3ca1f6
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45648
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45648
9
reference_url https://security.netapp.com/advisory/ntap-20231103-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231103-0007
10
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/10/10
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243749
reference_id 2243749
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2243749
12
reference_url https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp
reference_id 2pv8yz1pyp088tsxfb7ogltk9msk0jdp
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:59:12Z/
url https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648
reference_id CVE-2023-45648
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648
14
reference_url https://github.com/advisories/GHSA-r6j3-px5g-cq3x
reference_id GHSA-r6j3-px5g-cq3x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6j3-px5g-cq3x
15
reference_url https://access.redhat.com/errata/RHSA-2023:6206
reference_id RHSA-2023:6206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6206
16
reference_url https://access.redhat.com/errata/RHSA-2023:6207
reference_id RHSA-2023:6207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6207
17
reference_url https://access.redhat.com/errata/RHSA-2023:7247
reference_id RHSA-2023:7247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7247
18
reference_url https://access.redhat.com/errata/RHSA-2024:0125
reference_id RHSA-2024:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0125
19
reference_url https://access.redhat.com/errata/RHSA-2024:0474
reference_id RHSA-2024:0474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0474
20
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
21
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
22
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.81
purl pkg:maven/org.apache.tomcat/tomcat@9.0.81
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-ngy5-k9cv-rkbn
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-v5zf-qfdq-kbbp
17
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.81
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.14
purl pkg:maven/org.apache.tomcat/tomcat@10.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-p4j1-xp15-t3b8
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.14
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-p4j1-xp15-t3b8
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
aliases CVE-2023-45648, GHSA-r6j3-px5g-cq3x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16sq-3qm1-kqb2
1
url VCID-2hmq-5245-jyaf
vulnerability_id VCID-2hmq-5245-jyaf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34305
reference_id
reference_type
scores
0
value 0.17371
scoring_system epss
scoring_elements 0.95225
published_at 2026-06-12T12:55:00Z
1
value 0.17371
scoring_system epss
scoring_elements 0.95209
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34305
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80
4
reference_url https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7
5
reference_url https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac
6
reference_url https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c
7
reference_url https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
8
reference_url https://security.netapp.com/advisory/ntap-20220729-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220729-0006
9
reference_url https://security.netapp.com/advisory/ntap-20220729-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220729-0006/
10
reference_url http://www.openwall.com/lists/oss-security/2022/06/23/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/23/1
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102817
reference_id 2102817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102817
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305
reference_id CVE-2022-34305
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34305
reference_id CVE-2022-34305
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-34305
14
reference_url https://github.com/advisories/GHSA-6j88-6whg-x687
reference_id GHSA-6j88-6whg-x687
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j88-6whg-x687
15
reference_url https://security.gentoo.org/glsa/202208-34
reference_id GLSA-202208-34
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.65
purl pkg:maven/org.apache.tomcat/tomcat@9.0.65
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-uyc3-3cnp-wqf3
20
vulnerability VCID-v5zf-qfdq-kbbp
21
vulnerability VCID-vnfg-9em7-u7ee
22
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.65
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.22
purl pkg:maven/org.apache.tomcat/tomcat@10.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.22
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.23
purl pkg:maven/org.apache.tomcat/tomcat@10.0.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kn9-yxww-ryh4
1
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.23
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-n4qq-m1x3-qkbz
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-p4j1-xp15-t3b8
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-uyc3-3cnp-wqf3
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
aliases CVE-2022-34305, GHSA-6j88-6whg-x687
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hmq-5245-jyaf
2
url VCID-2n2k-sh22-fkfw
vulnerability_id VCID-2n2k-sh22-fkfw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41284
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21313
published_at 2026-06-11T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21497
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41284
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c
4
reference_url https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c
5
reference_url https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41284
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41284
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/12
11
reference_url https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
reference_id 2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:57:41Z/
url https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284
reference_id CVE-2026-41284
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284
13
reference_url https://github.com/advisories/GHSA-gx5v-xp9w-j4cg
reference_id GHSA-gx5v-xp9w-j4cg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx5v-xp9w-j4cg
14
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-41284, GHSA-gx5v-xp9w-j4cg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2k-sh22-fkfw
3
url VCID-3kn9-yxww-ryh4
vulnerability_id VCID-3kn9-yxww-ryh4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52751
published_at 2026-06-11T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.5288
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
5
reference_url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
6
reference_url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
7
reference_url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url https://security.gentoo.org/glsa/202305-37
reference_id 202305-37
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://security.gentoo.org/glsa/202305-37
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
reference_id 2141329
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
reference_id CVE-2022-42252
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
reference_id CVE-2022-42252
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
15
reference_url https://github.com/advisories/GHSA-p22x-g9px-3945
reference_id GHSA-p22x-g9px-3945
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p22x-g9px-3945
16
reference_url https://access.redhat.com/errata/RHSA-2023:1663
reference_id RHSA-2023:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1663
17
reference_url https://access.redhat.com/errata/RHSA-2023:1664
reference_id RHSA-2023:1664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1664
18
reference_url https://usn.ubuntu.com/6880-1/
reference_id USN-6880-1
reference_type
scores
url https://usn.ubuntu.com/6880-1/
19
reference_url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
reference_id zzcxzvqfdqn515zfs3dxb7n8gty589sq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.68
purl pkg:maven/org.apache.tomcat/tomcat@9.0.68
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-p4j1-xp15-t3b8
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-uyc3-3cnp-wqf3
19
vulnerability VCID-v5zf-qfdq-kbbp
20
vulnerability VCID-vnfg-9em7-u7ee
21
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.68
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.27
purl pkg:maven/org.apache.tomcat/tomcat@10.0.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.27
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bwh8-tmf1-8uac
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-uyc3-3cnp-wqf3
20
vulnerability VCID-v5zf-qfdq-kbbp
21
vulnerability VCID-vnfg-9em7-u7ee
22
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2022-42252, GHSA-p22x-g9px-3945
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kn9-yxww-ryh4
4
url VCID-697g-gcg9-zyaa
vulnerability_id VCID-697g-gcg9-zyaa
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41293
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.2247
published_at 2026-06-12T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22276
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41293
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148
5
reference_url https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd
6
reference_url https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b
7
reference_url https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df
8
reference_url https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa
9
reference_url https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab
10
reference_url https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3
11
reference_url https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac
12
reference_url https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7
13
reference_url https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41293
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41293
15
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
16
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
17
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
18
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/13
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476513
reference_id 2476513
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476513
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293
reference_id CVE-2026-41293
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293
21
reference_url https://github.com/advisories/GHSA-r29c-68gh-xp6x
reference_id GHSA-r29c-68gh-xp6x
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r29c-68gh-xp6x
22
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-41293, GHSA-r29c-68gh-xp6x
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-697g-gcg9-zyaa
5
url VCID-6kab-xsqw-37ed
vulnerability_id VCID-6kab-xsqw-37ed
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42795.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-42795
reference_id
reference_type
scores
0
value 0.00692
scoring_system epss
scoring_elements 0.7232
published_at 2026-06-11T12:55:00Z
1
value 0.00692
scoring_system epss
scoring_elements 0.72403
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-42795
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/30f8063d7a9b4c43ae4722f5e382a76af1d7a6bf
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/30f8063d7a9b4c43ae4722f5e382a76af1d7a6bf
5
reference_url https://github.com/apache/tomcat/commit/44d05d75d696ca10ce251e4e370511e38f20ae75
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/44d05d75d696ca10ce251e4e370511e38f20ae75
6
reference_url https://github.com/apache/tomcat/commit/9375d67106f8df9eb9d7b360b2bef052fe67d3d4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9375d67106f8df9eb9d7b360b2bef052fe67d3d4
7
reference_url https://github.com/apache/tomcat/commit/d6db22e411307c97ddf78315c15d5889356eca38
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d6db22e411307c97ddf78315c15d5889356eca38
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-42795
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-42795
9
reference_url https://security.netapp.com/advisory/ntap-20231103-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231103-0007
10
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/10/9
11
reference_url https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw
reference_id 065jfyo583490r9j2v73nhpyxdob56lw
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-18T16:23:53Z/
url https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2243752
reference_id 2243752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2243752
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795
reference_id CVE-2023-42795
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795
14
reference_url https://github.com/advisories/GHSA-g8pj-r55q-5c2v
reference_id GHSA-g8pj-r55q-5c2v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g8pj-r55q-5c2v
15
reference_url https://access.redhat.com/errata/RHSA-2023:6206
reference_id RHSA-2023:6206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6206
16
reference_url https://access.redhat.com/errata/RHSA-2023:6207
reference_id RHSA-2023:6207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6207
17
reference_url https://access.redhat.com/errata/RHSA-2023:7247
reference_id RHSA-2023:7247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7247
18
reference_url https://access.redhat.com/errata/RHSA-2024:0125
reference_id RHSA-2024:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0125
19
reference_url https://access.redhat.com/errata/RHSA-2024:0474
reference_id RHSA-2024:0474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0474
20
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
21
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.81
purl pkg:maven/org.apache.tomcat/tomcat@9.0.81
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-ngy5-k9cv-rkbn
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-v5zf-qfdq-kbbp
17
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.81
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.14
purl pkg:maven/org.apache.tomcat/tomcat@10.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-p4j1-xp15-t3b8
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.14
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-p4j1-xp15-t3b8
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12
aliases CVE-2023-42795, GHSA-g8pj-r55q-5c2v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kab-xsqw-37ed
6
url VCID-6wqu-jupw-tyhu
vulnerability_id VCID-6wqu-jupw-tyhu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51126
published_at 2026-06-11T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.51257
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
5
reference_url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
6
reference_url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
7
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
8
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
9
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
10
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/4
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
reference_id 2406591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
14
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
reference_id CVE-2025-55752-DETECT-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
reference_id CVE-2025-55752-MITIGATE-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
16
reference_url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
reference_id GHSA-wmwf-9ccg-fff5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
17
reference_url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
reference_id n05kjcwyj1s45ovs8ll1qrrojhfb1tog
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-28T03:56:06Z/
url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
18
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
19
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
20
reference_url https://access.redhat.com/errata/RHSA-2025:22924
reference_id RHSA-2025:22924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22924
21
reference_url https://access.redhat.com/errata/RHSA-2025:22925
reference_id RHSA-2025:22925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22925
22
reference_url https://access.redhat.com/errata/RHSA-2025:23044
reference_id RHSA-2025:23044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23044
23
reference_url https://access.redhat.com/errata/RHSA-2025:23045
reference_id RHSA-2025:23045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23045
24
reference_url https://access.redhat.com/errata/RHSA-2025:23046
reference_id RHSA-2025:23046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23046
25
reference_url https://access.redhat.com/errata/RHSA-2025:23047
reference_id RHSA-2025:23047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23047
26
reference_url https://access.redhat.com/errata/RHSA-2025:23048
reference_id RHSA-2025:23048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23048
27
reference_url https://access.redhat.com/errata/RHSA-2025:23049
reference_id RHSA-2025:23049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23049
28
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
29
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
30
reference_url https://access.redhat.com/errata/RHSA-2025:23052
reference_id RHSA-2025:23052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23052
31
reference_url https://access.redhat.com/errata/RHSA-2025:23053
reference_id RHSA-2025:23053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23053
32
reference_url https://access.redhat.com/errata/RHSA-2025:23225
reference_id RHSA-2025:23225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23225
33
reference_url https://access.redhat.com/errata/RHSA-2026:0292
reference_id RHSA-2026:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0292
34
reference_url https://access.redhat.com/errata/RHSA-2026:0293
reference_id RHSA-2026:0293
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0293
35
reference_url https://access.redhat.com/errata/RHSA-2026:2724
reference_id RHSA-2026:2724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2724
36
reference_url https://access.redhat.com/errata/RHSA-2026:2725
reference_id RHSA-2026:2725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2725
37
reference_url https://access.redhat.com/errata/RHSA-2026:2726
reference_id RHSA-2026:2726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2726
38
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
39
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.109
purl pkg:maven/org.apache.tomcat/tomcat@9.0.109
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.109
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.45
purl pkg:maven/org.apache.tomcat/tomcat@10.1.45
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dj7q-4map-ebg4
7
vulnerability VCID-hv33-kv9q-gugf
8
vulnerability VCID-hvgr-azs4-qqac
9
vulnerability VCID-keh1-ycs9-ybdd
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-p4j1-xp15-t3b8
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.45
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.11
aliases CVE-2025-55752, GHSA-wmwf-9ccg-fff5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wqu-jupw-tyhu
7
url VCID-7wr9-uez1-8bdg
vulnerability_id VCID-7wr9-uez1-8bdg
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10241
published_at 2026-06-11T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.1029
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
5
reference_url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
6
reference_url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
8
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/21
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
reference_id 2457039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
reference_id CVE-2026-25854
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
13
reference_url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
reference_id ghct3b6o74bp2vm7q875s1zh0dqrz3h0
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:21:57Z/
url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
14
reference_url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
reference_id GHSA-9m3c-qcxr-9x87
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2026-25854, GHSA-9m3c-qcxr-9x87
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wr9-uez1-8bdg
8
url VCID-97et-ubnp-wqcy
vulnerability_id VCID-97et-ubnp-wqcy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43512
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33696
published_at 2026-06-11T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33874
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43512
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448
4
reference_url https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9
5
reference_url https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43512
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43512
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/8
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476511
reference_id 2476511
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476511
12
reference_url https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73
reference_id 7x09x7o12solvclslw3sz0288xc8wx73
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:38:42Z/
url https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512
reference_id CVE-2026-43512
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512
14
reference_url https://github.com/advisories/GHSA-h6fc-48rj-7qqh
reference_id GHSA-h6fc-48rj-7qqh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h6fc-48rj-7qqh
15
reference_url https://access.redhat.com/errata/RHSA-2026:13745
reference_id RHSA-2026:13745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13745
16
reference_url https://access.redhat.com/errata/RHSA-2026:16528
reference_id RHSA-2026:16528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16528
17
reference_url https://access.redhat.com/errata/RHSA-2026:25123
reference_id RHSA-2026:25123
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25123
18
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
19
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43512, GHSA-h6fc-48rj-7qqh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97et-ubnp-wqcy
9
url VCID-9xyf-k9wq-g7b9
vulnerability_id VCID-9xyf-k9wq-g7b9
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42498.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42498
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15929
published_at 2026-06-11T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.16071
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42498
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423
5
reference_url https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5
6
reference_url https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42498
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42498
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/14
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/14
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476516
reference_id 2476516
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476516
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498
reference_id CVE-2026-42498
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498
14
reference_url https://github.com/advisories/GHSA-fv25-8xcx-gqjc
reference_id GHSA-fv25-8xcx-gqjc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fv25-8xcx-gqjc
15
reference_url https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb
reference_id n61zwf75jrv09rz90j4jssncm244bwdb
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:58:45Z/
url https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb
16
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-42498, GHSA-fv25-8xcx-gqjc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9xyf-k9wq-g7b9
10
url VCID-dhxd-kknv-9qb7
vulnerability_id VCID-dhxd-kknv-9qb7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
reference_id
reference_type
scores
0
value 0.12919
scoring_system epss
scoring_elements 0.94218
published_at 2026-06-11T12:55:00Z
1
value 0.12919
scoring_system epss
scoring_elements 0.94239
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
5
reference_url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
6
reference_url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
7
reference_url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
8
reference_url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
9
reference_url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
11
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
12
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
13
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
14
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
15
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/24
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
reference_id 2457020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
reference_id CVE-2026-29146
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
20
reference_url https://github.com/advisories/GHSA-h468-7pvh-8vr8
reference_id GHSA-h468-7pvh-8vr8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h468-7pvh-8vr8
21
reference_url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
reference_id lzt04z2pb3dc5tk85obn80xygw3z1p0w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:17:02Z/
url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.117
purl pkg:maven/org.apache.tomcat/tomcat@9.0.117
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.117
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.54
purl pkg:maven/org.apache.tomcat/tomcat@10.1.54
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.54
4
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
5
url pkg:maven/org.apache.tomcat/tomcat@11.0.21
purl pkg:maven/org.apache.tomcat/tomcat@11.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.21
aliases CVE-2026-29146, GHSA-h468-7pvh-8vr8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhxd-kknv-9qb7
11
url VCID-dj7q-4map-ebg4
vulnerability_id VCID-dj7q-4map-ebg4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43515
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26417
published_at 2026-06-11T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26619
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43515
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419
4
reference_url https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36
5
reference_url https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9
6
reference_url https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43515
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43515
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/11
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/11
12
reference_url https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb
reference_id 746nxfxod0wsocxtmv8pb8nkgmwpc6bb
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:33:57Z/
url https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515
reference_id CVE-2026-43515
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515
14
reference_url https://github.com/advisories/GHSA-5m62-pw8w-7w9f
reference_id GHSA-5m62-pw8w-7w9f
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5m62-pw8w-7w9f
15
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
16
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43515, GHSA-5m62-pw8w-7w9f
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj7q-4map-ebg4
12
url VCID-dx14-ejnx-37ad
vulnerability_id VCID-dx14-ejnx-37ad
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29885
reference_id
reference_type
scores
0
value 0.55532
scoring_system epss
scoring_elements 0.98121
published_at 2026-06-11T12:55:00Z
1
value 0.55532
scoring_system epss
scoring_elements 0.98128
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29885
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d
5
reference_url https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91
6
reference_url https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890
7
reference_url https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48
8
reference_url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
9
reference_url https://security.netapp.com/advisory/ntap-20220629-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220629-0002
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2093014
reference_id 2093014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2093014
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885
reference_id CVE-2022-29885
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py
reference_id CVE-2022-29885
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
reference_id CVE-2022-29885
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
14
reference_url https://github.com/advisories/GHSA-r84p-88g2-2vx2
reference_id GHSA-r84p-88g2-2vx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r84p-88g2-2vx2
15
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.63
purl pkg:maven/org.apache.tomcat/tomcat@9.0.63
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-p4j1-xp15-t3b8
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-uyc3-3cnp-wqf3
21
vulnerability VCID-v5zf-qfdq-kbbp
22
vulnerability VCID-vnfg-9em7-u7ee
23
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.63
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.21
purl pkg:maven/org.apache.tomcat/tomcat@10.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.21
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-n4qq-m1x3-qkbz
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-p4j1-xp15-t3b8
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-uyc3-3cnp-wqf3
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bwh8-tmf1-8uac
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-uyc3-3cnp-wqf3
20
vulnerability VCID-v5zf-qfdq-kbbp
21
vulnerability VCID-vnfg-9em7-u7ee
22
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2022-29885, GHSA-r84p-88g2-2vx2
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dx14-ejnx-37ad
13
url VCID-euv9-huaz-y3d1
vulnerability_id VCID-euv9-huaz-y3d1
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
reference_id
reference_type
scores
0
value 0.2338
scoring_system epss
scoring_elements 0.96093
published_at 2026-06-12T12:55:00Z
1
value 0.2338
scoring_system epss
scoring_elements 0.96081
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
7
reference_url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
8
reference_url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
9
reference_url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
12
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
13
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
14
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
reference_id 1857040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
16
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
19
reference_url https://github.com/advisories/GHSA-vf77-8h7g-gghp
reference_id GHSA-vf77-8h7g-gghp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf77-8h7g-gghp
20
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
21
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
22
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
23
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
24
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.36
purl pkg:maven/org.apache.tomcat/tomcat@9.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-nj9t-gdm3-6ycn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-p65m-6crd-bufr
20
vulnerability VCID-qvgx-r4rr-xugp
21
vulnerability VCID-r9fd-ndvw-ekfa
22
vulnerability VCID-s2kf-jwgc-pfas
23
vulnerability VCID-t8tc-zb3w-57gv
24
vulnerability VCID-tvrz-n2kd-pba4
25
vulnerability VCID-uyc3-3cnp-wqf3
26
vulnerability VCID-v5zf-qfdq-kbbp
27
vulnerability VCID-vfh6-rc99-e3bf
28
vulnerability VCID-vnfg-9em7-u7ee
29
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.37
purl pkg:maven/org.apache.tomcat/tomcat@9.0.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-nstu-jfc5-3kgd
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-qvgx-r4rr-xugp
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-p65m-6crd-bufr
2
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
3
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nstu-jfc5-3kgd
1
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
aliases CVE-2020-13934, GHSA-vf77-8h7g-gghp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euv9-huaz-y3d1
14
url VCID-gecz-htub-27gx
vulnerability_id VCID-gecz-htub-27gx
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
reference_id
reference_type
scores
0
value 0.45121
scoring_system epss
scoring_elements 0.97677
published_at 2026-06-11T12:55:00Z
1
value 0.45121
scoring_system epss
scoring_elements 0.97687
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
7
reference_url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
8
reference_url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
9
reference_url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
25
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
26
reference_url https://security.netapp.com/advisory/ntap-20200709-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200709-0002
27
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
28
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
29
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
30
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
31
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
reference_id 1851420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
33
reference_url https://security.archlinux.org/AVG-1196
reference_id AVG-1196
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1196
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
36
reference_url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
reference_id GHSA-53hp-jpwq-2jgq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
37
reference_url https://access.redhat.com/errata/RHSA-2020:5170
reference_id RHSA-2020:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5170
38
reference_url https://access.redhat.com/errata/RHSA-2020:5173
reference_id RHSA-2020:5173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5173
39
reference_url https://access.redhat.com/errata/RHSA-2020:5388
reference_id RHSA-2020:5388
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5388
40
reference_url https://access.redhat.com/errata/RHSA-2021:0292
reference_id RHSA-2021:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0292
41
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
42
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.35
purl pkg:maven/org.apache.tomcat/tomcat@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-fbxk-sjfu-eyf1
15
vulnerability VCID-gecz-htub-27gx
16
vulnerability VCID-hv33-kv9q-gugf
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ngy5-k9cv-rkbn
19
vulnerability VCID-nj9t-gdm3-6ycn
20
vulnerability VCID-p4j1-xp15-t3b8
21
vulnerability VCID-p65m-6crd-bufr
22
vulnerability VCID-qvgx-r4rr-xugp
23
vulnerability VCID-r9fd-ndvw-ekfa
24
vulnerability VCID-s2kf-jwgc-pfas
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-vnfg-9em7-u7ee
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.35
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.36
purl pkg:maven/org.apache.tomcat/tomcat@9.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-nj9t-gdm3-6ycn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-p65m-6crd-bufr
20
vulnerability VCID-qvgx-r4rr-xugp
21
vulnerability VCID-r9fd-ndvw-ekfa
22
vulnerability VCID-s2kf-jwgc-pfas
23
vulnerability VCID-t8tc-zb3w-57gv
24
vulnerability VCID-tvrz-n2kd-pba4
25
vulnerability VCID-uyc3-3cnp-wqf3
26
vulnerability VCID-v5zf-qfdq-kbbp
27
vulnerability VCID-vfh6-rc99-e3bf
28
vulnerability VCID-vnfg-9em7-u7ee
29
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-fbxk-sjfu-eyf1
2
vulnerability VCID-gecz-htub-27gx
3
vulnerability VCID-p65m-6crd-bufr
4
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
3
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-p65m-6crd-bufr
2
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
aliases CVE-2020-11996, GHSA-53hp-jpwq-2jgq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gecz-htub-27gx
15
url VCID-hv33-kv9q-gugf
vulnerability_id VCID-hv33-kv9q-gugf
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43513
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24017
published_at 2026-06-11T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24213
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43513
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2
4
reference_url https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717
5
reference_url https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43513
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43513
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/9
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513
reference_id CVE-2026-43513
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513
12
reference_url https://github.com/advisories/GHSA-5mp6-jrq3-r938
reference_id GHSA-5mp6-jrq3-r938
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5mp6-jrq3-r938
13
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
14
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
15
reference_url https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp
reference_id ytjcgldshj73lcnd1sh95od5hrghwogp
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T16:34:43Z/
url https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43513, GHSA-5mp6-jrq3-r938
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv33-kv9q-gugf
16
url VCID-keh1-ycs9-ybdd
vulnerability_id VCID-keh1-ycs9-ybdd
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.31943
published_at 2026-06-11T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.32128
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
5
reference_url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
6
reference_url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
7
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
8
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
9
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
10
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/6
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
reference_id 1119293
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
reference_id 1119294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
reference_id 2406588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
16
reference_url https://github.com/advisories/GHSA-hgrr-935x-pq79
reference_id GHSA-hgrr-935x-pq79
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgrr-935x-pq79
17
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
18
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
19
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
20
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
21
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
22
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
23
reference_url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
reference_id wm9mx8brmx9g4zpywm06ryrtvd3160pp
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T18:48:52Z/
url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.110
purl pkg:maven/org.apache.tomcat/tomcat@9.0.110
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-p4j1-xp15-t3b8
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.110
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.47
purl pkg:maven/org.apache.tomcat/tomcat@10.1.47
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dj7q-4map-ebg4
7
vulnerability VCID-hv33-kv9q-gugf
8
vulnerability VCID-hvgr-azs4-qqac
9
vulnerability VCID-n4qq-m1x3-qkbz
10
vulnerability VCID-nctp-shgj-sfgh
11
vulnerability VCID-p4j1-xp15-t3b8
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
14
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.47
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.12
purl pkg:maven/org.apache.tomcat/tomcat@11.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-p4j1-xp15-t3b8
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.12
aliases CVE-2025-61795, GHSA-hgrr-935x-pq79
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keh1-ycs9-ybdd
17
url VCID-ngy5-k9cv-rkbn
vulnerability_id VCID-ngy5-k9cv-rkbn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54677.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54677.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-54677
reference_id
reference_type
scores
0
value 0.01228
scoring_system epss
scoring_elements 0.79627
published_at 2026-06-12T12:55:00Z
1
value 0.01228
scoring_system epss
scoring_elements 0.79562
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-54677
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1d88dd3ffaed76188dd4ee32ce77709ce6e153cd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1d88dd3ffaed76188dd4ee32ce77709ce6e153cd
5
reference_url https://github.com/apache/tomcat/commit/3315a9027a7eaab18f42625b97b569940ff1365d
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3315a9027a7eaab18f42625b97b569940ff1365d
6
reference_url https://github.com/apache/tomcat/commit/4a335c6dcba8d6f8a54629eda392a50da267bdf4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a335c6dcba8d6f8a54629eda392a50da267bdf4
7
reference_url https://github.com/apache/tomcat/commit/4d5cc6538d91386f950373ac8120e98c2c78ed3a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4d5cc6538d91386f950373ac8120e98c2c78ed3a
8
reference_url https://github.com/apache/tomcat/commit/4f0236606961176257b883213e1621b1859ed746
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4f0236606961176257b883213e1621b1859ed746
9
reference_url https://github.com/apache/tomcat/commit/54e56495e9a106218efe9fc9c79d976c0032bbfd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/54e56495e9a106218efe9fc9c79d976c0032bbfd
10
reference_url https://github.com/apache/tomcat/commit/721544ea28e92549824b106be954a9f411867a1c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/721544ea28e92549824b106be954a9f411867a1c
11
reference_url https://github.com/apache/tomcat/commit/722814668708c42a61b0c1e340b15bc2b785c0d1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/722814668708c42a61b0c1e340b15bc2b785c0d1
12
reference_url https://github.com/apache/tomcat/commit/75ff7e8622edcc024b268677aa789ee8f0880ecc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/75ff7e8622edcc024b268677aa789ee8f0880ecc
13
reference_url https://github.com/apache/tomcat/commit/84065e26ca4555e63a922bb29b13b0a1c86b7654
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/84065e26ca4555e63a922bb29b13b0a1c86b7654
14
reference_url https://github.com/apache/tomcat/commit/84c4af76e7a10fc7f8630ce62e6a46632ea4a90e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/84c4af76e7a10fc7f8630ce62e6a46632ea4a90e
15
reference_url https://github.com/apache/tomcat/commit/9ffd23fc27f5d1fc95bf97e5cea175c8968f4533
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9ffd23fc27f5d1fc95bf97e5cea175c8968f4533
16
reference_url https://github.com/apache/tomcat/commit/a95bf2b0303442a2c9a1ac364b0e63b56049e33a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a95bf2b0303442a2c9a1ac364b0e63b56049e33a
17
reference_url https://github.com/apache/tomcat/commit/aa5b4d0043289cf054f531ec55126c980d3572e1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/aa5b4d0043289cf054f531ec55126c980d3572e1
18
reference_url https://github.com/apache/tomcat/commit/b1f65728b37d7d227a0764344473b7e261a13408
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b1f65728b37d7d227a0764344473b7e261a13408
19
reference_url https://github.com/apache/tomcat/commit/bbd82e9593314ade4cfd57248f9285fbad686f66
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bbd82e9593314ade4cfd57248f9285fbad686f66
20
reference_url https://github.com/apache/tomcat/commit/c0a23927ea5e061ca3fdff695138464179fe674a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c0a23927ea5e061ca3fdff695138464179fe674a
21
reference_url https://github.com/apache/tomcat/commit/c2f7ce21c3fb12caefee87c517a8bb4f80700044
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c2f7ce21c3fb12caefee87c517a8bb4f80700044
22
reference_url https://github.com/apache/tomcat/commit/cb1707685472994e9d924746f8c91cb116fa5213
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cb1707685472994e9d924746f8c91cb116fa5213
23
reference_url https://github.com/apache/tomcat/commit/d63a10afc142b12f462a15f7d10f79fd80ff94eb
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d63a10afc142b12f462a15f7d10f79fd80ff94eb
24
reference_url https://github.com/apache/tomcat/commit/dbec927859d9484cb8bd680a7c67b1a560f48444
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/dbec927859d9484cb8bd680a7c67b1a560f48444
25
reference_url https://github.com/apache/tomcat/commit/e8c16cdba833884e1bd49fff1f1cb699da177585
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e8c16cdba833884e1bd49fff1f1cb699da177585
26
reference_url https://github.com/apache/tomcat/commit/f57a9d9847c1038be61f5818d73b8be907c460d4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f57a9d9847c1038be61f5818d73b8be907c460d4
27
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-54677
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-54677
29
reference_url https://security.netapp.com/advisory/ntap-20250131-0006
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250131-0006
30
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34
31
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2
32
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98
33
reference_url http://www.openwall.com/lists/oss-security/2024/12/17/5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/12/17/5
34
reference_url http://www.openwall.com/lists/oss-security/2024/12/17/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/12/17/6
35
reference_url http://www.openwall.com/lists/oss-security/2024/12/18/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/12/18/1
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2332815
reference_id 2332815
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2332815
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677
reference_id CVE-2024-54677
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677
38
reference_url https://github.com/advisories/GHSA-653p-vg55-5652
reference_id GHSA-653p-vg55-5652
reference_type
scores
url https://github.com/advisories/GHSA-653p-vg55-5652
39
reference_url https://access.redhat.com/errata/RHSA-2025:7497
reference_id RHSA-2025:7497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7497
40
reference_url https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n
reference_id tdtbbxpg5trdwc2wnopcth9ccvdftq2n
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-17T16:41:40Z/
url https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n
41
reference_url https://usn.ubuntu.com/7705-1/
reference_id USN-7705-1
reference_type
scores
url https://usn.ubuntu.com/7705-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.98
purl pkg:maven/org.apache.tomcat/tomcat@9.0.98
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-kehq-gcjx-17e4
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-nctp-shgj-sfgh
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.98
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.34
purl pkg:maven/org.apache.tomcat/tomcat@10.1.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-kehq-gcjx-17e4
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-nctp-shgj-sfgh
15
vulnerability VCID-p4j1-xp15-t3b8
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.34
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.2
purl pkg:maven/org.apache.tomcat/tomcat@11.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-kehq-gcjx-17e4
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-nctp-shgj-sfgh
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.2
aliases CVE-2024-54677, GHSA-653p-vg55-5652
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngy5-k9cv-rkbn
18
url VCID-nj9t-gdm3-6ycn
vulnerability_id VCID-nj9t-gdm3-6ycn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
reference_id
reference_type
scores
0
value 0.10506
scoring_system epss
scoring_elements 0.93425
published_at 2026-06-11T12:55:00Z
1
value 0.10506
scoring_system epss
scoring_elements 0.93446
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
2
reference_url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
6
reference_url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
7
reference_url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
8
reference_url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
25
reference_url https://security.netapp.com/advisory/ntap-20201210-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201210-0003
26
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
27
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
28
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
29
reference_url https://www.debian.org/security/2021/dsa-4835
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4835
30
reference_url http://www.openwall.com/lists/oss-security/2020/12/03/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/12/03/3
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
reference_id 1904221
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
32
reference_url https://security.archlinux.org/ASA-202012-3
reference_id ASA-202012-3
reference_type
scores
url https://security.archlinux.org/ASA-202012-3
33
reference_url https://security.archlinux.org/AVG-1317
reference_id AVG-1317
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1317
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
reference_id CVE-2020-17527
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
reference_id CVE-2020-17527
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
36
reference_url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
reference_id GHSA-vvw4-rfwf-p6hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
37
reference_url https://security.gentoo.org/glsa/202012-23
reference_id GLSA-202012-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202012-23
38
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
39
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
40
reference_url https://access.redhat.com/errata/RHSA-2021:4012
reference_id RHSA-2021:4012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4012
41
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
42
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.40
purl pkg:maven/org.apache.tomcat/tomcat@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-bbye-dcrb-t3ev
12
vulnerability VCID-dhxd-kknv-9qb7
13
vulnerability VCID-dj7q-4map-ebg4
14
vulnerability VCID-dx14-ejnx-37ad
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-hvgr-azs4-qqac
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ngy5-k9cv-rkbn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-x7wn-uamc-6bg5
29
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.40
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.2
purl pkg:maven/org.apache.tomcat/tomcat@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-r9fd-ndvw-ekfa
5
vulnerability VCID-tvrz-n2kd-pba4
6
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.2
aliases CVE-2020-17527, GHSA-vvw4-rfwf-p6hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nj9t-gdm3-6ycn
19
url VCID-p4j1-xp15-t3b8
vulnerability_id VCID-p4j1-xp15-t3b8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66614
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16385
published_at 2026-06-11T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.1653
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66614
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
5
reference_url https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30
6
reference_url https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2
7
reference_url https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
8
reference_url https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4
9
reference_url https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940
10
reference_url https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
11
reference_url https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e
12
reference_url https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509
13
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
14
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
15
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440430
reference_id 2440430
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440430
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614
reference_id CVE-2025-66614
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66614
reference_id CVE-2025-66614
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66614
19
reference_url https://github.com/advisories/GHSA-fpj8-gq4v-p354
reference_id GHSA-fpj8-gq4v-p354
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fpj8-gq4v-p354
20
reference_url https://access.redhat.com/errata/RHSA-2026:12194
reference_id RHSA-2026:12194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12194
21
reference_url https://access.redhat.com/errata/RHSA-2026:12195
reference_id RHSA-2026:12195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12195
22
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
23
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
24
reference_url https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7
reference_id vw6lxtlh2qbqwpb61wd3sv1flm2nttw7
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-21T21:17:26Z/
url https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.113
purl pkg:maven/org.apache.tomcat/tomcat@9.0.113
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-8sda-scr3-qfex
4
vulnerability VCID-97et-ubnp-wqcy
5
vulnerability VCID-9xyf-k9wq-g7b9
6
vulnerability VCID-bwh8-tmf1-8uac
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.113
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.50
purl pkg:maven/org.apache.tomcat/tomcat@10.1.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-8sda-scr3-qfex
4
vulnerability VCID-97et-ubnp-wqcy
5
vulnerability VCID-9xyf-k9wq-g7b9
6
vulnerability VCID-bwh8-tmf1-8uac
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.50
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
4
url pkg:maven/org.apache.tomcat/tomcat@11.0.15
purl pkg:maven/org.apache.tomcat/tomcat@11.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-8sda-scr3-qfex
4
vulnerability VCID-97et-ubnp-wqcy
5
vulnerability VCID-9xyf-k9wq-g7b9
6
vulnerability VCID-bwh8-tmf1-8uac
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-p4j1-xp15-t3b8
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.15
5
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2025-66614, GHSA-fpj8-gq4v-p354
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4j1-xp15-t3b8
20
url VCID-p65m-6crd-bufr
vulnerability_id VCID-p65m-6crd-bufr
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
reference_id
reference_type
scores
0
value 0.92155
scoring_system epss
scoring_elements 0.99728
published_at 2026-06-12T12:55:00Z
1
value 0.92155
scoring_system epss
scoring_elements 0.99726
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
7
reference_url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
8
reference_url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
9
reference_url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
10
reference_url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
11
reference_url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
14
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
15
reference_url https://security.netapp.com/advisory/ntap-20200724-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200724-0003/
16
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
17
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
18
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
19
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
20
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
21
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
22
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
23
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
reference_id 1857024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
25
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
reference_id CVE-2020-13935
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
reference_id CVE-2020-13935
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
28
reference_url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
reference_id GHSA-m7jv-hq7h-mq7c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
29
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
30
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
31
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
32
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
33
reference_url https://access.redhat.com/errata/RHSA-2020:3382
reference_id RHSA-2020:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3382
34
reference_url https://access.redhat.com/errata/RHSA-2020:3383
reference_id RHSA-2020:3383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3383
35
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
36
reference_url https://access.redhat.com/errata/RHSA-2020:4004
reference_id RHSA-2020:4004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4004
37
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
38
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
39
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
40
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
41
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.37
purl pkg:maven/org.apache.tomcat/tomcat@9.0.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-nstu-jfc5-3kgd
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-qvgx-r4rr-xugp
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nstu-jfc5-3kgd
1
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
aliases CVE-2020-13935, GHSA-m7jv-hq7h-mq7c
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p65m-6crd-bufr
21
url VCID-qvgx-r4rr-xugp
vulnerability_id VCID-qvgx-r4rr-xugp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
reference_id
reference_type
scores
0
value 0.61383
scoring_system epss
scoring_elements 0.98357
published_at 2026-06-12T12:55:00Z
1
value 0.61383
scoring_system epss
scoring_elements 0.98352
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
5
reference_url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
6
reference_url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
7
reference_url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
8
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
18
reference_url https://security.netapp.com/advisory/ntap-20210212-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210212-0008
19
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
20
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
21
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
22
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
23
reference_url http://www.openwall.com/lists/oss-security/2021/01/14/1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/01/14/1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
reference_id 1917209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
25
reference_url https://security.archlinux.org/AVG-1452
reference_id AVG-1452
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1452
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
reference_id CVE-2021-24122
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
27
reference_url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
reference_id GHSA-2rvv-w9r2-rg7m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
28
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
29
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
30
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
31
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.40
purl pkg:maven/org.apache.tomcat/tomcat@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-bbye-dcrb-t3ev
12
vulnerability VCID-dhxd-kknv-9qb7
13
vulnerability VCID-dj7q-4map-ebg4
14
vulnerability VCID-dx14-ejnx-37ad
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-hvgr-azs4-qqac
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ngy5-k9cv-rkbn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-x7wn-uamc-6bg5
29
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.40
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
aliases CVE-2021-24122, GHSA-2rvv-w9r2-rg7m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvgx-r4rr-xugp
22
url VCID-r9fd-ndvw-ekfa
vulnerability_id VCID-r9fd-ndvw-ekfa
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.27889
published_at 2026-06-12T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.27687
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
5
reference_url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
6
reference_url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
7
reference_url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
12
reference_url https://security.netapp.com/advisory/ntap-20211008-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211008-0005
13
reference_url https://security.netapp.com/advisory/ntap-20211008-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211008-0005/
14
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
reference_id 2004820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
reference_id CVE-2021-41079
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
17
reference_url https://github.com/advisories/GHSA-59g9-7gfx-c72p
reference_id GHSA-59g9-7gfx-c72p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59g9-7gfx-c72p
18
reference_url https://access.redhat.com/errata/RHSA-2021:3741
reference_id RHSA-2021:3741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3741
19
reference_url https://access.redhat.com/errata/RHSA-2021:3743
reference_id RHSA-2021:3743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3743
20
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
21
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
22
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
23
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.44
purl pkg:maven/org.apache.tomcat/tomcat@9.0.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-bbye-dcrb-t3ev
12
vulnerability VCID-dhxd-kknv-9qb7
13
vulnerability VCID-dj7q-4map-ebg4
14
vulnerability VCID-dx14-ejnx-37ad
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-hvgr-azs4-qqac
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ndb1-hdsw-v7fq
19
vulnerability VCID-ngy5-k9cv-rkbn
20
vulnerability VCID-p4j1-xp15-t3b8
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.44
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.4
purl pkg:maven/org.apache.tomcat/tomcat@10.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-ndb1-hdsw-v7fq
5
vulnerability VCID-tvrz-n2kd-pba4
6
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.4
aliases CVE-2021-41079, GHSA-59g9-7gfx-c72p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9fd-ndvw-ekfa
23
url VCID-s2kf-jwgc-pfas
vulnerability_id VCID-s2kf-jwgc-pfas
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43514
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27214
published_at 2026-06-11T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.27415
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43514
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755
5
reference_url https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa
6
reference_url https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e
7
reference_url https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
8
reference_url https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43514
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43514
10
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
11
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
12
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
13
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/10
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/10
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476512
reference_id 2476512
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476512
15
reference_url https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m
reference_id 2k654v5cq123npfsd1b2kk1y30owqb1m
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:22:38Z/
url https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514
reference_id CVE-2026-43514
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514
17
reference_url https://github.com/advisories/GHSA-9m89-8frq-c98c
reference_id GHSA-9m89-8frq-c98c
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9m89-8frq-c98c
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43514, GHSA-9m89-8frq-c98c
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2kf-jwgc-pfas
24
url VCID-t8tc-zb3w-57gv
vulnerability_id VCID-t8tc-zb3w-57gv
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.38954
published_at 2026-06-11T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.39126
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
5
reference_url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
6
reference_url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
7
reference_url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
8
reference_url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
9
reference_url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
11
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
12
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
13
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
14
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
15
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/20
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
reference_id 2457040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
19
reference_url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_id 2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:33:19Z/
url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
reference_id CVE-2026-24880
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
21
reference_url https://github.com/advisories/GHSA-563x-q5rq-57qp
reference_id GHSA-563x-q5rq-57qp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-563x-q5rq-57qp
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.52
purl pkg:maven/org.apache.tomcat/tomcat@10.1.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-8sda-scr3-qfex
4
vulnerability VCID-97et-ubnp-wqcy
5
vulnerability VCID-9xyf-k9wq-g7b9
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-p4j1-xp15-t3b8
13
vulnerability VCID-r6yr-45cm-8ucv
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.52
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2026-24880, GHSA-563x-q5rq-57qp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8tc-zb3w-57gv
25
url VCID-tvrz-n2kd-pba4
vulnerability_id VCID-tvrz-n2kd-pba4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42334
published_at 2026-06-11T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42498
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
5
reference_url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
6
reference_url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
7
reference_url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2022/09/28/1
reference_id 1
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url http://www.openwall.com/lists/oss-security/2022/09/28/1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
reference_id 2130599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
13
reference_url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
reference_id 3jjqbsp6j88b198x5rmg99b1qr8ht3g3
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
reference_id CVE-2021-43980
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
reference_id CVE-2021-43980
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
16
reference_url https://www.debian.org/security/2022/dsa-5265
reference_id dsa-5265
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://www.debian.org/security/2022/dsa-5265
17
reference_url https://github.com/advisories/GHSA-jx7c-7mj5-9438
reference_id GHSA-jx7c-7mj5-9438
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx7c-7mj5-9438
18
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
19
reference_url https://access.redhat.com/errata/RHSA-2022:7272
reference_id RHSA-2022:7272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7272
20
reference_url https://access.redhat.com/errata/RHSA-2022:7273
reference_id RHSA-2022:7273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7273
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.62
purl pkg:maven/org.apache.tomcat/tomcat@9.0.62
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-dx14-ejnx-37ad
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-hvgr-azs4-qqac
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vnfg-9em7-u7ee
24
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.62
1
url pkg:maven/org.apache.tomcat/tomcat@10.0.20
purl pkg:maven/org.apache.tomcat/tomcat@10.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.20
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-n4qq-m1x3-qkbz
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6kab-xsqw-37ed
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bwh8-tmf1-8uac
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-uyc3-3cnp-wqf3
20
vulnerability VCID-v5zf-qfdq-kbbp
21
vulnerability VCID-vnfg-9em7-u7ee
22
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2021-43980, GHSA-jx7c-7mj5-9438
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvrz-n2kd-pba4
26
url VCID-uyc3-3cnp-wqf3
vulnerability_id VCID-uyc3-3cnp-wqf3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
reference_id
reference_type
scores
0
value 0.11586
scoring_system epss
scoring_elements 0.93829
published_at 2026-06-12T12:55:00Z
1
value 0.11586
scoring_system epss
scoring_elements 0.93808
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
5
reference_url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
6
reference_url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
7
reference_url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
9
reference_url https://security.netapp.com/advisory/ntap-20230921-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230921-0006
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
reference_id 2235370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
11
reference_url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_id 71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:42:58Z/
url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
reference_id CVE-2023-41080
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
13
reference_url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
reference_id GHSA-q3mw-pvr8-9ggc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
14
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
15
reference_url https://access.redhat.com/errata/RHSA-2023:7622
reference_id RHSA-2023:7622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7622
16
reference_url https://access.redhat.com/errata/RHSA-2023:7623
reference_id RHSA-2023:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7623
17
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
18
reference_url https://access.redhat.com/errata/RHSA-2024:0125
reference_id RHSA-2024:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0125
19
reference_url https://access.redhat.com/errata/RHSA-2024:0474
reference_id RHSA-2024:0474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0474
20
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
21
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
22
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
23
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.80
purl pkg:maven/org.apache.tomcat/tomcat@9.0.80
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-p4j1-xp15-t3b8
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-v5zf-qfdq-kbbp
20
vulnerability VCID-vnfg-9em7-u7ee
21
vulnerability VCID-xuma-qnw9-8bb8
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.80
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.13
purl pkg:maven/org.apache.tomcat/tomcat@10.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-n4qq-m1x3-qkbz
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-p4j1-xp15-t3b8
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-v5zf-qfdq-kbbp
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.13
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-n4qq-m1x3-qkbz
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
aliases CVE-2023-41080, GHSA-q3mw-pvr8-9ggc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyc3-3cnp-wqf3
27
url VCID-v5zf-qfdq-kbbp
vulnerability_id VCID-v5zf-qfdq-kbbp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46589
reference_id
reference_type
scores
0
value 0.53163
scoring_system epss
scoring_elements 0.98026
published_at 2026-06-11T12:55:00Z
1
value 0.53163
scoring_system epss
scoring_elements 0.98033
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46589
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b
5
reference_url https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd
6
reference_url https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642
7
reference_url https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08
8
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46589
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46589
10
reference_url https://security.netapp.com/advisory/ntap-20231214-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231214-0009
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
13
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
14
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
15
reference_url http://www.openwall.com/lists/oss-security/2023/11/28/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/11/28/2
16
reference_url https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
reference_id 0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/
url https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082
reference_id 1057082
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082
18
reference_url https://www.openwall.com/lists/oss-security/2023/11/28/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/
url https://www.openwall.com/lists/oss-security/2023/11/28/2
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252050
reference_id 2252050
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252050
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589
reference_id CVE-2023-46589
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589
21
reference_url https://github.com/advisories/GHSA-fccv-jmmp-qg76
reference_id GHSA-fccv-jmmp-qg76
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fccv-jmmp-qg76
22
reference_url https://access.redhat.com/errata/RHSA-2024:0532
reference_id RHSA-2024:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0532
23
reference_url https://access.redhat.com/errata/RHSA-2024:0539
reference_id RHSA-2024:0539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0539
24
reference_url https://access.redhat.com/errata/RHSA-2024:1092
reference_id RHSA-2024:1092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1092
25
reference_url https://access.redhat.com/errata/RHSA-2024:1134
reference_id RHSA-2024:1134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1134
26
reference_url https://access.redhat.com/errata/RHSA-2024:1318
reference_id RHSA-2024:1318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1318
27
reference_url https://access.redhat.com/errata/RHSA-2024:1319
reference_id RHSA-2024:1319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1319
28
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
29
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
30
reference_url https://access.redhat.com/errata/RHSA-2024:3354
reference_id RHSA-2024:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3354
31
reference_url https://usn.ubuntu.com/7032-1/
reference_id USN-7032-1
reference_type
scores
url https://usn.ubuntu.com/7032-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.83
purl pkg:maven/org.apache.tomcat/tomcat@9.0.83
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-p4j1-xp15-t3b8
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.83
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.16
purl pkg:maven/org.apache.tomcat/tomcat@10.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-p4j1-xp15-t3b8
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.16
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-n4qq-m1x3-qkbz
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-p4j1-xp15-t3b8
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.1
purl pkg:maven/org.apache.tomcat/tomcat@11.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-8zsm-8skx-dfha
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-bwh8-tmf1-8uac
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-nctp-shgj-sfgh
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-p4j1-xp15-t3b8
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-uqgg-5gr8-sfgg
21
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.1
aliases CVE-2023-46589, GHSA-fccv-jmmp-qg76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5zf-qfdq-kbbp
28
url VCID-vfh6-rc99-e3bf
vulnerability_id VCID-vfh6-rc99-e3bf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31153
published_at 2026-06-12T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.30957
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
4
reference_url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
5
reference_url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
6
reference_url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
7
reference_url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
8
reference_url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
9
reference_url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
10
reference_url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
11
reference_url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
12
reference_url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
13
reference_url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
14
reference_url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
15
reference_url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
16
reference_url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
17
reference_url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
18
reference_url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
19
reference_url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
20
reference_url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
21
reference_url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
22
reference_url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
23
reference_url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
24
reference_url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
25
reference_url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
26
reference_url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
27
reference_url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
28
reference_url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
29
reference_url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
31
reference_url https://security.netapp.com/advisory/ntap-20210827-0007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210827-0007
32
reference_url https://security.netapp.com/advisory/ntap-20210827-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210827-0007/
33
reference_url https://www.debian.org/security/2021/dsa-4952
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4952
34
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
reference_id 1981544
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
36
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
reference_id 991046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
reference_id CVE-2021-30640
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
38
reference_url https://github.com/advisories/GHSA-36qh-35cm-5w2w
reference_id GHSA-36qh-35cm-5w2w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36qh-35cm-5w2w
39
reference_url https://security.gentoo.org/glsa/202208-34
reference_id GLSA-202208-34
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
40
reference_url https://access.redhat.com/errata/RHSA-2021:4861
reference_id RHSA-2021:4861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4861
41
reference_url https://access.redhat.com/errata/RHSA-2021:4863
reference_id RHSA-2021:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4863
42
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
43
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
44
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.45
purl pkg:maven/org.apache.tomcat/tomcat@9.0.45
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-bbye-dcrb-t3ev
12
vulnerability VCID-dhxd-kknv-9qb7
13
vulnerability VCID-dj7q-4map-ebg4
14
vulnerability VCID-dx14-ejnx-37ad
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-hvgr-azs4-qqac
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ngy5-k9cv-rkbn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-vnfg-9em7-u7ee
27
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.45
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.46
purl pkg:maven/org.apache.tomcat/tomcat@9.0.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-64zy-xgrf-eba1
6
vulnerability VCID-697g-gcg9-zyaa
7
vulnerability VCID-6kab-xsqw-37ed
8
vulnerability VCID-6wqu-jupw-tyhu
9
vulnerability VCID-7wr9-uez1-8bdg
10
vulnerability VCID-97et-ubnp-wqcy
11
vulnerability VCID-9xyf-k9wq-g7b9
12
vulnerability VCID-bbye-dcrb-t3ev
13
vulnerability VCID-dhxd-kknv-9qb7
14
vulnerability VCID-dj7q-4map-ebg4
15
vulnerability VCID-dx14-ejnx-37ad
16
vulnerability VCID-hv33-kv9q-gugf
17
vulnerability VCID-hvgr-azs4-qqac
18
vulnerability VCID-keh1-ycs9-ybdd
19
vulnerability VCID-ngy5-k9cv-rkbn
20
vulnerability VCID-p4j1-xp15-t3b8
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vnfg-9em7-u7ee
27
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.46
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.5
purl pkg:maven/org.apache.tomcat/tomcat@10.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-tvrz-n2kd-pba4
5
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.5
3
url pkg:maven/org.apache.tomcat/tomcat@10.0.6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-64zy-xgrf-eba1
3
vulnerability VCID-bbye-dcrb-t3ev
4
vulnerability VCID-dx14-ejnx-37ad
5
vulnerability VCID-tvrz-n2kd-pba4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.6
aliases CVE-2021-30640, GHSA-36qh-35cm-5w2w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfh6-rc99-e3bf
29
url VCID-vnfg-9em7-u7ee
vulnerability_id VCID-vnfg-9em7-u7ee
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34487.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34487.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34487
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22184
published_at 2026-06-11T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22375
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34487
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/301bc6efbf72feb14dacfdfa3f50372182736150
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/301bc6efbf72feb14dacfdfa3f50372182736150
5
reference_url https://github.com/apache/tomcat/commit/5eff2a773b8b728083e5195b3183df1b9e12a03d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5eff2a773b8b728083e5195b3183df1b9e12a03d
6
reference_url https://github.com/apache/tomcat/commit/f593292a082e5ef9336a8db2b4b522f7f3e36976
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f593292a082e5ef9336a8db2b4b522f7f3e36976
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34487
8
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/28
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/28
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457038
reference_id 2457038
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457038
12
reference_url https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h
reference_id 4xpkwolpkrj8v5xzp5nyovtlqp3y850h
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T17:47:28Z/
url https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34487
reference_id CVE-2026-34487
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34487
14
reference_url https://github.com/advisories/GHSA-x4m4-345f-5h5g
reference_id GHSA-x4m4-345f-5h5g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4m4-345f-5h5g
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.117
purl pkg:maven/org.apache.tomcat/tomcat@9.0.117
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.117
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.54
purl pkg:maven/org.apache.tomcat/tomcat@10.1.54
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.54
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.21
purl pkg:maven/org.apache.tomcat/tomcat@11.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.21
aliases CVE-2026-34487, GHSA-x4m4-345f-5h5g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnfg-9em7-u7ee
30
url VCID-yg5s-2fsb-gub2
vulnerability_id VCID-yg5s-2fsb-gub2
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.40408
published_at 2026-06-11T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40575
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8022
3
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1172405
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1172405
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
reference_id 1852863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1852863
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
reference_id CVE-2020-8022
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8022
11
reference_url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
reference_id GHSA-gc58-v8h3-x2gr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc58-v8h3-x2gr
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.35
purl pkg:maven/org.apache.tomcat/tomcat@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-fbxk-sjfu-eyf1
15
vulnerability VCID-gecz-htub-27gx
16
vulnerability VCID-hv33-kv9q-gugf
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ngy5-k9cv-rkbn
19
vulnerability VCID-nj9t-gdm3-6ycn
20
vulnerability VCID-p4j1-xp15-t3b8
21
vulnerability VCID-p65m-6crd-bufr
22
vulnerability VCID-qvgx-r4rr-xugp
23
vulnerability VCID-r9fd-ndvw-ekfa
24
vulnerability VCID-s2kf-jwgc-pfas
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-vnfg-9em7-u7ee
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.35
aliases CVE-2020-8022, GHSA-gc58-v8h3-x2gr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yg5s-2fsb-gub2
31
url VCID-yjb8-hdqu-4fe5
vulnerability_id VCID-yjb8-hdqu-4fe5
summary
references
0
reference_url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
reference_id
reference_type
scores
0
value 0.70951
scoring_system epss
scoring_elements 0.98731
published_at 2026-06-12T12:55:00Z
1
value 0.70951
scoring_system epss
scoring_elements 0.98726
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
6
reference_url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
7
reference_url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
8
reference_url https://security.netapp.com/advisory/ntap-20240216-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240216-0005
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2024/01/19/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/01/19/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
reference_id 2259204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
reference_id CVE-2024-21733
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
reference_id CVE-2024-21733
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
15
reference_url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
reference_id GHSA-f4qf-m5gf-8jm8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
16
reference_url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
reference_id h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:09:11Z/
url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
17
reference_url https://access.redhat.com/errata/RHSA-2024:2707
reference_id RHSA-2024:2707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2707
18
reference_url https://access.redhat.com/errata/RHSA-2024:3354
reference_id RHSA-2024:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3354
19
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.44
purl pkg:maven/org.apache.tomcat/tomcat@9.0.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-63vc-sc11-8kf1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6kab-xsqw-37ed
7
vulnerability VCID-6wqu-jupw-tyhu
8
vulnerability VCID-7wr9-uez1-8bdg
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9xyf-k9wq-g7b9
11
vulnerability VCID-bbye-dcrb-t3ev
12
vulnerability VCID-dhxd-kknv-9qb7
13
vulnerability VCID-dj7q-4map-ebg4
14
vulnerability VCID-dx14-ejnx-37ad
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-hvgr-azs4-qqac
17
vulnerability VCID-keh1-ycs9-ybdd
18
vulnerability VCID-ndb1-hdsw-v7fq
19
vulnerability VCID-ngy5-k9cv-rkbn
20
vulnerability VCID-p4j1-xp15-t3b8
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.44
aliases CVE-2024-21733, GHSA-f4qf-m5gf-8jm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjb8-hdqu-4fe5
Fixing_vulnerabilities
0
url VCID-824z-m36f-87ea
vulnerability_id VCID-824z-m36f-87ea
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
reference_id
reference_type
scores
0
value 0.01382
scoring_system epss
scoring_elements 0.80716
published_at 2026-06-11T12:55:00Z
1
value 0.01382
scoring_system epss
scoring_elements 0.80776
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
2
reference_url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
3
reference_url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
4
reference_url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
5
reference_url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
14
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
15
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
16
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
17
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
reference_id 1806835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
21
reference_url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
reference_id GHSA-qxf4-chvg-4r8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
22
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
23
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
24
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
25
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
26
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
27
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
28
reference_url https://access.redhat.com/errata/RHSA-2020:5020
reference_id RHSA-2020:5020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5020
29
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
30
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
31
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.100
purl pkg:maven/org.apache.tomcat/tomcat@7.0.100
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-p4j1-xp15-t3b8
8
vulnerability VCID-p65m-6crd-bufr
9
vulnerability VCID-qvgx-r4rr-xugp
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-t8tc-zb3w-57gv
12
vulnerability VCID-vfh6-rc99-e3bf
13
vulnerability VCID-yg5s-2fsb-gub2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.100
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-m3py-3ba2-jkg7
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-qxfb-yg6b-nfda
23
vulnerability VCID-r9fd-ndvw-ekfa
24
vulnerability VCID-s2kf-jwgc-pfas
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-r9fd-ndvw-ekfa
23
vulnerability VCID-s2kf-jwgc-pfas
24
vulnerability VCID-t8tc-zb3w-57gv
25
vulnerability VCID-tvrz-n2kd-pba4
26
vulnerability VCID-uyc3-3cnp-wqf3
27
vulnerability VCID-v5zf-qfdq-kbbp
28
vulnerability VCID-vfh6-rc99-e3bf
29
vulnerability VCID-vnfg-9em7-u7ee
30
vulnerability VCID-yg5s-2fsb-gub2
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2020-1935, GHSA-qxf4-chvg-4r8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-824z-m36f-87ea
1
url VCID-bv5e-eycn-n7e2
vulnerability_id VCID-bv5e-eycn-n7e2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17569
reference_id
reference_type
scores
0
value 0.06163
scoring_system epss
scoring_elements 0.91055
published_at 2026-06-12T12:55:00Z
1
value 0.06163
scoring_system epss
scoring_elements 0.91024
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17569
2
reference_url https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998
3
reference_url https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3
4
reference_url https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8
5
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
8
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
9
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806849
reference_id 1806849
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806849
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569
reference_id CVE-2019-17569
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17569
reference_id CVE-2019-17569
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17569
13
reference_url https://github.com/advisories/GHSA-767j-jfh2-jvrc
reference_id GHSA-767j-jfh2-jvrc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-767j-jfh2-jvrc
14
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
15
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.100
purl pkg:maven/org.apache.tomcat/tomcat@7.0.100
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-p4j1-xp15-t3b8
8
vulnerability VCID-p65m-6crd-bufr
9
vulnerability VCID-qvgx-r4rr-xugp
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-t8tc-zb3w-57gv
12
vulnerability VCID-vfh6-rc99-e3bf
13
vulnerability VCID-yg5s-2fsb-gub2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.100
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-m3py-3ba2-jkg7
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-qxfb-yg6b-nfda
23
vulnerability VCID-r9fd-ndvw-ekfa
24
vulnerability VCID-s2kf-jwgc-pfas
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-r9fd-ndvw-ekfa
23
vulnerability VCID-s2kf-jwgc-pfas
24
vulnerability VCID-t8tc-zb3w-57gv
25
vulnerability VCID-tvrz-n2kd-pba4
26
vulnerability VCID-uyc3-3cnp-wqf3
27
vulnerability VCID-v5zf-qfdq-kbbp
28
vulnerability VCID-vfh6-rc99-e3bf
29
vulnerability VCID-vnfg-9em7-u7ee
30
vulnerability VCID-yg5s-2fsb-gub2
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2019-17569, GHSA-767j-jfh2-jvrc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv5e-eycn-n7e2
2
url VCID-t7xw-r7rz-u3g5
vulnerability_id VCID-t7xw-r7rz-u3g5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1938.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1938.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1938
reference_id
reference_type
scores
0
value 0.94469
scoring_system epss
scoring_elements 0.99998
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1938
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23
5
reference_url https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72
6
reference_url https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75
7
reference_url https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2
8
reference_url https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153
9
reference_url https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c
10
reference_url https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19
11
reference_url https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad
12
reference_url https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150
13
reference_url https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957
14
reference_url https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb
15
reference_url https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5
16
reference_url https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75
17
reference_url https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba
18
reference_url https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645
19
reference_url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c@%3Cusers.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb@%3Ccommits.tomee.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794@%3Cnotifications.ofbiz.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db@%3Cnotifications.ofbiz.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a@%3Cusers.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a@%3Cusers.tomee.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f@%3Cusers.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522@%3Cnotifications.ofbiz.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9@%3Cusers.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a@%3Cdev.tomee.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194@%3Ccommits.tomee.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425@%3Cnotifications.ofbiz.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7@%3Ccommits.ofbiz.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b@%3Cusers.tomcat.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2@%3Cusers.tomcat.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca@%3Cbugs.httpd.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca@%3Cbugs.httpd.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3@%3Ccommits.tomee.apache.org%3E
54
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
55
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
56
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
57
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
58
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
59
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
60
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
61
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
62
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
63
reference_url https://security.netapp.com/advisory/ntap-20200226-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200226-0002
64
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1938
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1938
65
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806398
reference_id 1806398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806398
66
reference_url https://security.gentoo.org/glsa/202003-43
reference_id 202003-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://security.gentoo.org/glsa/202003-43
67
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
reference_id 2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
68
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952437
reference_id 952437
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952437
69
reference_url http://support.blackberry.com/kb/articleDetail?articleNumber=000062739
reference_id articleDetail?articleNumber=000062739
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://support.blackberry.com/kb/articleDetail?articleNumber=000062739
70
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id cpujan2021.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
71
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
72
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id cpuoct2020.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
73
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
reference_id CVE-2020-1938
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
1
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
74
reference_url https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/blob/8bd38f4cf22331ecf4e48096a78c5931509c26be/CNVD-2020-10487-Tomcat-Ajp-lfi.py
reference_id CVE-2020-1938
reference_type exploit
scores
url https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/blob/8bd38f4cf22331ecf4e48096a78c5931509c26be/CNVD-2020-10487-Tomcat-Ajp-lfi.py
75
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48143.py
reference_id CVE-2020-1938
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48143.py
76
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49039.rb
reference_id CVE-2020-1938
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49039.rb
77
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1938
reference_id CVE-2020-1938
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1938
78
reference_url https://www.debian.org/security/2020/dsa-4673
reference_id dsa-4673
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.debian.org/security/2020/dsa-4673
79
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id dsa-4680
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.debian.org/security/2020/dsa-4680
80
reference_url https://github.com/advisories/GHSA-c9hw-wf7x-jp9j
reference_id GHSA-c9hw-wf7x-jp9j
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9hw-wf7x-jp9j
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
reference_id K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
reference_id L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
83
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
84
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
85
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
86
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
87
reference_url https://security.netapp.com/advisory/ntap-20200226-0002/
reference_id ntap-20200226-0002
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://security.netapp.com/advisory/ntap-20200226-0002/
88
reference_url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
reference_id r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
89
reference_url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
reference_id r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
90
reference_url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
reference_id r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
91
reference_url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
reference_id r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
92
reference_url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
reference_id r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
93
reference_url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
reference_id r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
94
reference_url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
reference_id r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
95
reference_url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
reference_id r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
96
reference_url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
reference_id r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
97
reference_url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
reference_id r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
98
reference_url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
reference_id r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
99
reference_url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
reference_id r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
100
reference_url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
reference_id r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
101
reference_url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
102
reference_url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
103
reference_url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
reference_id r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
104
reference_url https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
reference_id r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
105
reference_url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
106
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
107
reference_url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
reference_id r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
108
reference_url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
reference_id r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
109
reference_url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
reference_id r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
110
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
reference_id ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
111
reference_url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
reference_id rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
112
reference_url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
reference_id rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
113
reference_url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
reference_id rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
114
reference_url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
reference_id rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
115
reference_url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
reference_id rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
116
reference_url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
reference_id rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
117
reference_url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
reference_id rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
118
reference_url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
reference_id rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
119
reference_url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
reference_id rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
120
reference_url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
reference_id re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
121
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
122
reference_url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
reference_id rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
123
reference_url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
reference_id rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
124
reference_url https://access.redhat.com/errata/RHSA-2020:0855
reference_id RHSA-2020:0855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0855
125
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
126
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
127
reference_url https://access.redhat.com/errata/RHSA-2020:0912
reference_id RHSA-2020:0912
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0912
128
reference_url https://access.redhat.com/errata/RHSA-2020:1478
reference_id RHSA-2020:1478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1478
129
reference_url https://access.redhat.com/errata/RHSA-2020:1479
reference_id RHSA-2020:1479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1479
130
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
131
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
132
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
133
reference_url https://access.redhat.com/errata/RHSA-2020:2779
reference_id RHSA-2020:2779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2779
134
reference_url https://access.redhat.com/errata/RHSA-2020:2780
reference_id RHSA-2020:2780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2780
135
reference_url https://access.redhat.com/errata/RHSA-2020:2781
reference_id RHSA-2020:2781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2781
136
reference_url https://access.redhat.com/errata/RHSA-2020:2783
reference_id RHSA-2020:2783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2783
137
reference_url https://access.redhat.com/errata/RHSA-2020:2840
reference_id RHSA-2020:2840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2840
138
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
139
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.100
purl pkg:maven/org.apache.tomcat/tomcat@7.0.100
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-p4j1-xp15-t3b8
8
vulnerability VCID-p65m-6crd-bufr
9
vulnerability VCID-qvgx-r4rr-xugp
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-t8tc-zb3w-57gv
12
vulnerability VCID-vfh6-rc99-e3bf
13
vulnerability VCID-yg5s-2fsb-gub2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.100
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-m3py-3ba2-jkg7
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-qxfb-yg6b-nfda
23
vulnerability VCID-r9fd-ndvw-ekfa
24
vulnerability VCID-s2kf-jwgc-pfas
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-2hmq-5245-jyaf
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-3kn9-yxww-ryh4
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p4j1-xp15-t3b8
20
vulnerability VCID-p65m-6crd-bufr
21
vulnerability VCID-qvgx-r4rr-xugp
22
vulnerability VCID-r9fd-ndvw-ekfa
23
vulnerability VCID-s2kf-jwgc-pfas
24
vulnerability VCID-t8tc-zb3w-57gv
25
vulnerability VCID-tvrz-n2kd-pba4
26
vulnerability VCID-uyc3-3cnp-wqf3
27
vulnerability VCID-v5zf-qfdq-kbbp
28
vulnerability VCID-vfh6-rc99-e3bf
29
vulnerability VCID-vnfg-9em7-u7ee
30
vulnerability VCID-yg5s-2fsb-gub2
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2020-1938, GHSA-c9hw-wf7x-jp9j
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t7xw-r7rz-u3g5
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31