Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@6.0.48
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version6.0.48
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.53
Latest_non_vulnerable_version11.0.18
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6umz-z8db-kqcy
vulnerability_id VCID-6umz-z8db-kqcy
summary 
Improper Access Control
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:0455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0455
1
reference_url https://access.redhat.com/errata/RHSA-2017:0456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0456
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat80/commit/0f76016a4ec45635e450ada9c84ff7ee0c5f3799
reference_id
reference_type
scores
url https://github.com/apache/tomcat80/commit/0f76016a4ec45635e450ada9c84ff7ee0c5f3799
4
reference_url https://github.com/apache/tomcat/commit/0e83ad3e547fc9a75a258799ef581249b40a82a6
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0e83ad3e547fc9a75a258799ef581249b40a82a6
5
reference_url https://github.com/apache/tomcat/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688
6
reference_url https://github.com/apache/tomcat/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821
7
reference_url https://github.com/search?q=repo%3Aapache%2Ftomcat+catalina.mbeans+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code
reference_id
reference_type
scores
url https://github.com/search?q=repo%3Aapache%2Ftomcat+catalina.mbeans+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code
8
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
36
reference_url https://security.netapp.com/advisory/ntap-20180607-0001
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180607-0001
37
reference_url https://usn.ubuntu.com/4557-1
reference_id
reference_type
scores
url https://usn.ubuntu.com/4557-1
38
reference_url https://web.archive.org/web/20170423095340/http://www.securityfocus.com/bid/94463
reference_id
reference_type
scores
url https://web.archive.org/web/20170423095340/http://www.securityfocus.com/bid/94463
39
reference_url https://web.archive.org/web/20170928203901/http://www.securitytracker.com/id/1037331
reference_id
reference_type
scores
url https://web.archive.org/web/20170928203901/http://www.securitytracker.com/id/1037331
40
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-8735
reference_id
reference_type
scores
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-8735
41
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
42
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
43
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8735
reference_id CVE-2016-8735
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-8735
44
reference_url https://github.com/advisories/GHSA-cw54-59pw-4g8c
reference_id GHSA-cw54-59pw-4g8c
reference_type
scores
url https://github.com/advisories/GHSA-cw54-59pw-4g8c
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@6.0.48
purl pkg:maven/org.apache.tomcat/tomcat@6.0.48
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.48
1
url pkg:maven/org.apache.tomcat/tomcat@7.0.73
purl pkg:maven/org.apache.tomcat/tomcat@7.0.73
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.73
2
url pkg:maven/org.apache.tomcat/tomcat@8.0.39
purl pkg:maven/org.apache.tomcat/tomcat@8.0.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.39
3
url pkg:maven/org.apache.tomcat/tomcat@8.5.7
purl pkg:maven/org.apache.tomcat/tomcat@8.5.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nndc-pabd-nbgf
1
vulnerability VCID-wyf8-8szf-qbfn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.7
4
url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
aliases CVE-2016-8735, GHSA-cw54-59pw-4g8c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6umz-z8db-kqcy
1
url VCID-y9hs-ymcm-3ucx
vulnerability_id VCID-y9hs-ymcm-3ucx
summary 
Improper Input Validation
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0244.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0244.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0245.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0245.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0246.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0246.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0247.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0247.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0250.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0250.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0457.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0457.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2017-0527.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0527.html
7
reference_url https://access.redhat.com/errata/RHSA-2017:0455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0455
8
reference_url https://access.redhat.com/errata/RHSA-2017:0456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0456
9
reference_url https://access.redhat.com/errata/RHSA-2017:0935
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0935
10
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
24
reference_url https://security.netapp.com/advisory/ntap-20180607-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180607-0001/
25
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767641
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=revision&revision=1767641
26
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767645
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=revision&revision=1767645
27
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767653
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=revision&revision=1767653
28
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767675
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=revision&revision=1767675
29
reference_url https://svn.apache.org/viewvc?view=revision&revision=1767683
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=revision&revision=1767683
30
reference_url https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48
reference_id
reference_type
scores
url https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48
31
reference_url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73
reference_id
reference_type
scores
url https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73
32
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39
reference_id
reference_type
scores
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39
33
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8
reference_id
reference_type
scores
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8
34
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13
reference_id
reference_type
scores
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13
35
reference_url https://usn.ubuntu.com/4557-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4557-1/
36
reference_url https://www.exploit-db.com/exploits/41783/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/41783/
37
reference_url http://www.debian.org/security/2016/dsa-3738
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3738
38
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6816
reference_id CVE-2016-6816
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-6816
40
reference_url https://github.com/advisories/GHSA-jc7p-5r39-9477
reference_id GHSA-jc7p-5r39-9477
reference_type
scores
url https://github.com/advisories/GHSA-jc7p-5r39-9477
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@6.0.48
purl pkg:maven/org.apache.tomcat/tomcat@6.0.48
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.48
1
url pkg:maven/org.apache.tomcat/tomcat@7.0.73
purl pkg:maven/org.apache.tomcat/tomcat@7.0.73
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.73
2
url pkg:maven/org.apache.tomcat/tomcat@8.0.39
purl pkg:maven/org.apache.tomcat/tomcat@8.0.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.39
3
url pkg:maven/org.apache.tomcat/tomcat@8.5.8
purl pkg:maven/org.apache.tomcat/tomcat@8.5.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.8
4
url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
aliases CVE-2016-6816, GHSA-jc7p-5r39-9477
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9hs-ymcm-3ucx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.48