Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63
Typemaven
Namespaceorg.apache.tomcat.embed
Nametomcat-embed-core
Version9.0.63
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version9.0.72
Latest_non_vulnerable_version11.0.18
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-9awt-9zjq-yucn
vulnerability_id VCID-9awt-9zjq-yucn
summary 
Uncontrolled Resource Consumption
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.
references
0
reference_url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
reference_id
reference_type
scores
url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
reference_id CVE-2022-29885
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
fixed_packages
0
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.79
1
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1
aliases CVE-2022-29885
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9awt-9zjq-yucn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.63