Package Instance

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0

reference_url

https://github.com/apache/tomcat/commit/8ecff306507be8e4fd3adee1ae5de1ea6661a8f4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/8ecff306507be8e4fd3adee1ae5de1ea6661a8f4

reference_url

https://github.com/apache/tomcat/commit/c83fe47725f7ae9ae213568d9039171124fb7ec6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c83fe47725f7ae9ae213568d9039171124fb7ec6

reference_url

https://github.com/apache/tomcat/commit/eb5c094e5560764cda436362254997511a3ca1f6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/eb5c094e5560764cda436362254997511a3ca1f6

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-45648

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-45648

reference_url

https://security.netapp.com/advisory/ntap-20231103-0007

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231103-0007

reference_url

http://www.openwall.com/lists/oss-security/2023/10/10/10

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2023/10/10/10

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2243749
reference_id	2243749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2243749

reference_url

https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp

reference_id

2pv8yz1pyp088tsxfb7ogltk9msk0jdp

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:59:12Z/

url

https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648

reference_id

CVE-2023-45648

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648

reference_url

https://github.com/advisories/GHSA-r6j3-px5g-cq3x

reference_id

GHSA-r6j3-px5g-cq3x

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r6j3-px5g-cq3x

reference_url	https://access.redhat.com/errata/RHSA-2023:6206
reference_id	RHSA-2023:6206
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6206

reference_url	https://access.redhat.com/errata/RHSA-2023:6207
reference_id	RHSA-2023:6207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6207

reference_url	https://access.redhat.com/errata/RHSA-2023:7247
reference_id	RHSA-2023:7247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7247

reference_url	https://access.redhat.com/errata/RHSA-2024:0125
reference_id	RHSA-2024:0125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0125

reference_url	https://access.redhat.com/errata/RHSA-2024:0474
reference_id	RHSA-2024:0474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0474

reference_url	https://access.redhat.com/errata/RHSA-2024:4631
reference_id	RHSA-2024:4631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4631

reference_url	https://usn.ubuntu.com/7106-1/
reference_id	USN-7106-1
reference_type
scores
url	https://usn.ubuntu.com/7106-1/

reference_url	https://usn.ubuntu.com/7562-1/
reference_id	USN-7562-1
reference_type
scores
url	https://usn.ubuntu.com/7562-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.81

purl pkg:maven/org.apache.tomcat/tomcat@9.0.81

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.81

url pkg:maven/org.apache.tomcat/tomcat@10.1.14

purl pkg:maven/org.apache.tomcat/tomcat@10.1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.14

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

aliases CVE-2023-45648, GHSA-r6j3-px5g-cq3x

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16sq-3qm1-kqb2

url VCID-2n2k-sh22-fkfw

vulnerability_id VCID-2n2k-sh22-fkfw

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41284

reference_id

reference_type

scores

value	0.00069
scoring_system	epss
scoring_elements	0.21313
published_at	2026-06-11T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21497
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41284

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c

reference_url

https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c

reference_url

https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41284

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41284

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/12

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/12

reference_url

https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc

reference_id

2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:57:41Z/

url

https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284

reference_id

CVE-2026-41284

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284

reference_url

https://github.com/advisories/GHSA-gx5v-xp9w-j4cg

reference_id

GHSA-gx5v-xp9w-j4cg

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gx5v-xp9w-j4cg

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-41284, GHSA-gx5v-xp9w-j4cg

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2k-sh22-fkfw

url VCID-3nvd-d9qm-13ew

vulnerability_id VCID-3nvd-d9qm-13ew

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8747.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8747

reference_id

reference_type

scores

value	0.02945
scoring_system	epss
scoring_elements	0.86798
published_at	2026-06-12T12:55:00Z

value	0.02945
scoring_system	epss
scoring_elements	0.86749
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8747

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/452c8094a665ef6375530e81c033da4eeb2e4865

reference_url	https://github.com/apache/tomcat85/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/452c8094a665ef6375530e81c033da4eeb2e4865

reference_url

https://github.com/apache/tomcat/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-8747

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-8747

reference_url

https://security.netapp.com/advisory/ntap-20180614-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0002

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1774161
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1774161

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1774166
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1774166

reference_url

https://web.archive.org/web/20200227183332/http://www.securityfocus.com/bid/96895

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227183332/http://www.securityfocus.com/bid/96895

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1432006
reference_id	1432006
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1432006

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_id

6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.securityfocus.com/bid/96895

reference_id

96895

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://www.securityfocus.com/bid/96895

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747

reference_id

CVE-2016-8747

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747

reference_url

https://github.com/advisories/GHSA-fjwp-r6fm-q6qw

reference_id

GHSA-fjwp-r6fm-q6qw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fjwp-r6fm-q6qw

reference_url

https://security.netapp.com/advisory/ntap-20180614-0002/

reference_id

ntap-20180614-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://security.netapp.com/advisory/ntap-20180614-0002/

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_id

r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_id

r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_url

reference_id

security-8.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

reference_url

reference_id

security-9.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://svn.apache.org/viewvc?view=revision&revision=1774161

reference_url

reference_id

viewvc?view=revision&revision=1774161

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://svn.apache.org/viewvc?view=revision&revision=1774161

reference_url

http://svn.apache.org/viewvc?view=revision&revision=1774166

reference_id

viewvc?view=revision&revision=1774166

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:18Z/

url

http://svn.apache.org/viewvc?view=revision&revision=1774166

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M16
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M16

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M17

aliases CVE-2016-8747, GHSA-fjwp-r6fm-q6qw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3nvd-d9qm-13ew

url VCID-4tdx-52h3-bkfj

vulnerability_id VCID-4tdx-52h3-bkfj

summary

references

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5648.json

reference_url

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5648.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5648

reference_id

reference_type

scores

value	0.21758
scoring_system	epss
scoring_elements	0.95873
published_at	2026-06-11T12:55:00Z

value	0.21758
scoring_system	epss
scoring_elements	0.95886
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5648

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/6d73b079c55ee25dea1bbd0556bb568a4247dacd

reference_url	https://github.com/apache/tomcat70/commit/6bb36dfdf6444efda074893dff493b9eb3648808
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/6bb36dfdf6444efda074893dff493b9eb3648808

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/6d73b079c55ee25dea1bbd0556bb568a4247dacd

reference_url	https://github.com/apache/tomcat85/commit/0f7b9465d594b9814e1853d1e3a6e3aa51a21610
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/0f7b9465d594b9814e1853d1e3a6e3aa51a21610

reference_url

https://github.com/apache/tomcat/commit/0f7b9465d594b9814e1853d1e3a6e3aa51a21610

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0f7b9465d594b9814e1853d1e3a6e3aa51a21610

reference_url

https://github.com/apache/tomcat/commit/6bb36dfdf6444efda074893dff493b9eb3648808

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6bb36dfdf6444efda074893dff493b9eb3648808

reference_url

https://github.com/apache/tomcat/commit/dfa40863421d7681fed893b4256666491887e38c

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/dfa40863421d7681fed893b4256666491887e38c

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_url	https://security.netapp.com/advisory/ntap-20180614-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180614-0001/

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1785774
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1785774

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1785775
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1785775

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1785776
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1785776

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1785777
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1785777

reference_url

https://web.archive.org/web/20170417124117/http://www.securityfocus.com/bid/97530

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170417124117/http://www.securityfocus.com/bid/97530

reference_url

https://web.archive.org/web/20170420115120/http://www.securitytracker.com/id/1038220

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170420115120/http://www.securitytracker.com/id/1038220

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/20/8

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/20/8

reference_url	http://www.securityfocus.com/bid/97530
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97530

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1441223
reference_id	1441223
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1441223

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648

reference_id

CVE-2017-5648

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5648

reference_id

CVE-2017-5648

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5648

reference_url

https://github.com/advisories/GHSA-3vx3-xf6q-r5xp

reference_id

GHSA-3vx3-xf6q-r5xp

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3vx3-xf6q-r5xp

reference_url	https://usn.ubuntu.com/3519-1/
reference_id	USN-3519-1
reference_type
scores
url	https://usn.ubuntu.com/3519-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M18

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M18

aliases CVE-2017-5648, GHSA-3vx3-xf6q-r5xp

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4tdx-52h3-bkfj

url VCID-5hp9-mbcu-2bdt

vulnerability_id VCID-5hp9-mbcu-2bdt

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8745.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8745

reference_id

reference_type

scores

value	0.1091
scoring_system	epss
scoring_elements	0.93561
published_at	2026-06-11T12:55:00Z

value	0.1091
scoring_system	epss
scoring_elements	0.93581
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8745

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/3dd2fec73e0de1edc1d3eb1c52a01255fdfc84e7

reference_url	https://github.com/apache/tomcat70/commit/143bb466cf96a89e791b7db5626055ea819dad89
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/143bb466cf96a89e791b7db5626055ea819dad89

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/3dd2fec73e0de1edc1d3eb1c52a01255fdfc84e7

reference_url	https://github.com/apache/tomcat85/commit/16a57bc885e212839f1d717b94b01d154a36943a
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/16a57bc885e212839f1d717b94b01d154a36943a

reference_url

https://github.com/apache/tomcat/commit/143bb466cf96a89e791b7db5626055ea819dad89

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/143bb466cf96a89e791b7db5626055ea819dad89

reference_url

https://github.com/apache/tomcat/commit/16a57bc885e212839f1d717b94b01d154a36943a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/16a57bc885e212839f1d717b94b01d154a36943a

reference_url

https://github.com/apache/tomcat/commit/cbc9b18a845d3c8c053ac293dffda6c6c19dd92b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cbc9b18a845d3c8c053ac293dffda6c6c19dd92b

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-8745

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-8745

reference_url

https://security.netapp.com/advisory/ntap-20180607-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180607-0002

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1771853
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1771853

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1771857
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1771857

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1777469
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1777469

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1777471
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1777471

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1777472
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1777472

reference_url

https://web.archive.org/web/20200227165932/http://www.securityfocus.com/bid/94828

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227165932/http://www.securityfocus.com/bid/94828

reference_url

https://web.archive.org/web/20200517114357/http://www.securitytracker.com/id/1037432

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200517114357/http://www.securitytracker.com/id/1037432

reference_url

http://www.securitytracker.com/id/1037432

reference_id

1037432

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.securitytracker.com/id/1037432

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1403824
reference_id	1403824
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1403824

reference_url

https://security.gentoo.org/glsa/201705-09

reference_id

201705-09

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://security.gentoo.org/glsa/201705-09

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_id

37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_id

388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_id

39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_id

3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4%40%3Cannounce.tomcat.apache.org%3E

reference_id

4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4%40%3Cannounce.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_id

6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_id

845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.securityfocus.com/bid/94828

reference_id

94828

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.securityfocus.com/bid/94828

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_id

b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_id

b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_id

cpuapr2018-3678067.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_id

cpuoct2017-3236626.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745

reference_id

CVE-2016-8745

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745

reference_url

http://www.debian.org/security/2017/dsa-3754

reference_id

dsa-3754

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.debian.org/security/2017/dsa-3754

reference_url

http://www.debian.org/security/2017/dsa-3755

reference_id

dsa-3755

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://www.debian.org/security/2017/dsa-3755

reference_url

https://github.com/advisories/GHSA-w3j5-q8f2-3cqq

reference_id

GHSA-w3j5-q8f2-3cqq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w3j5-q8f2-3cqq

reference_url

https://security.netapp.com/advisory/ntap-20180607-0002/

reference_id

ntap-20180607-0002

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://security.netapp.com/advisory/ntap-20180607-0002/

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_id

r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_id

r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_id

r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_id

r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_id

r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_url

reference_id

RHSA-2017:0455

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

reference_url

reference_id

RHSA-2017:0456

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2017:0457
reference_id	RHSA-2017:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0457

reference_url

reference_id

RHSA-2017-0457.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2017:0527
reference_id	RHSA-2017:0527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0527

reference_url

reference_id

RHSA-2017-0527.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

reference_url

reference_id

RHSA-2017:0935

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:20:42Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url	https://usn.ubuntu.com/3177-1/
reference_id	USN-3177-1
reference_type
scores
url	https://usn.ubuntu.com/3177-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3nvd-d9qm-13ew

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M15

aliases CVE-2016-8745, GHSA-w3j5-q8f2-3cqq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hp9-mbcu-2bdt

url VCID-5nu4-5ude-4yhc

vulnerability_id VCID-5nu4-5ude-4yhc

summary

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17563

reference_id

reference_type

scores

value	0.04359
scoring_system	epss
scoring_elements	0.8919
published_at	2026-06-11T12:55:00Z

value	0.04359
scoring_system	epss
scoring_elements	0.89228
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E

reference_url	https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652

reference_url	https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url	https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200107-0001/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4251-1/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1785711
reference_id	1785711
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1785711

reference_url

reference_id

CVE-2019-17563

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17563

reference_id

CVE-2019-17563

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17563

reference_url

https://github.com/advisories/GHSA-9xcj-c8cr-8c3c

reference_id

GHSA-9xcj-c8cr-8c3c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9xcj-c8cr-8c3c

reference_url	https://access.redhat.com/errata/RHSA-2020:0860
reference_id	RHSA-2020:0860
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0860

reference_url	https://access.redhat.com/errata/RHSA-2020:0861
reference_id	RHSA-2020:0861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0861

reference_url	https://access.redhat.com/errata/RHSA-2020:1520
reference_id	RHSA-2020:1520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1520

reference_url	https://access.redhat.com/errata/RHSA-2020:1521
reference_id	RHSA-2020:1521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1521

reference_url	https://access.redhat.com/errata/RHSA-2020:4004
reference_id	RHSA-2020:4004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4004

reference_url	https://access.redhat.com/errata/RHSA-2021:0882
reference_id	RHSA-2021:0882
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0882

reference_url	https://access.redhat.com/errata/RHSA-2021:1030
reference_id	RHSA-2021:1030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1030

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.30

purl pkg:maven/org.apache.tomcat/tomcat@9.0.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bv5e-eycn-n7e2

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.30

aliases CVE-2019-17563, GHSA-9xcj-c8cr-8c3c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5nu4-5ude-4yhc

url VCID-697g-gcg9-zyaa

vulnerability_id VCID-697g-gcg9-zyaa

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41293

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.2247
published_at	2026-06-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22276
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41293

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148

reference_url

https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd

reference_url

https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b

reference_url

https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df

reference_url

https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa

reference_url

https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab

reference_url

https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3

reference_url

https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac

reference_url

https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7

reference_url

https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41293

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41293

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/13

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/13

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2476513
reference_id	2476513
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2476513

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293

reference_id

CVE-2026-41293

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293

reference_url

https://github.com/advisories/GHSA-r29c-68gh-xp6x

reference_id

GHSA-r29c-68gh-xp6x

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r29c-68gh-xp6x

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-41293, GHSA-r29c-68gh-xp6x

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-697g-gcg9-zyaa

url VCID-6kab-xsqw-37ed

vulnerability_id VCID-6kab-xsqw-37ed

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42795.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-42795

reference_id

reference_type

scores

value	0.00692
scoring_system	epss
scoring_elements	0.7232
published_at	2026-06-11T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.72403
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-42795

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/30f8063d7a9b4c43ae4722f5e382a76af1d7a6bf

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/30f8063d7a9b4c43ae4722f5e382a76af1d7a6bf

reference_url

https://github.com/apache/tomcat/commit/44d05d75d696ca10ce251e4e370511e38f20ae75

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/44d05d75d696ca10ce251e4e370511e38f20ae75

reference_url

https://github.com/apache/tomcat/commit/9375d67106f8df9eb9d7b360b2bef052fe67d3d4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9375d67106f8df9eb9d7b360b2bef052fe67d3d4

reference_url

https://github.com/apache/tomcat/commit/d6db22e411307c97ddf78315c15d5889356eca38

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/d6db22e411307c97ddf78315c15d5889356eca38

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-42795

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-42795

reference_url

https://security.netapp.com/advisory/ntap-20231103-0007

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231103-0007

reference_url

http://www.openwall.com/lists/oss-security/2023/10/10/9

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2023/10/10/9

reference_url

https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw

reference_id

065jfyo583490r9j2v73nhpyxdob56lw

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-18T16:23:53Z/

url

https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2243752
reference_id	2243752
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2243752

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795

reference_id

CVE-2023-42795

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795

reference_url

https://github.com/advisories/GHSA-g8pj-r55q-5c2v

reference_id

GHSA-g8pj-r55q-5c2v

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g8pj-r55q-5c2v

reference_url	https://access.redhat.com/errata/RHSA-2023:6206
reference_id	RHSA-2023:6206
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6206

reference_url	https://access.redhat.com/errata/RHSA-2023:6207
reference_id	RHSA-2023:6207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6207

reference_url	https://access.redhat.com/errata/RHSA-2023:7247
reference_id	RHSA-2023:7247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7247

reference_url	https://access.redhat.com/errata/RHSA-2024:0125
reference_id	RHSA-2024:0125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0125

reference_url	https://access.redhat.com/errata/RHSA-2024:0474
reference_id	RHSA-2024:0474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0474

reference_url	https://usn.ubuntu.com/7106-1/
reference_id	USN-7106-1
reference_type
scores
url	https://usn.ubuntu.com/7106-1/

reference_url	https://usn.ubuntu.com/7562-1/
reference_id	USN-7562-1
reference_type
scores
url	https://usn.ubuntu.com/7562-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.81

purl pkg:maven/org.apache.tomcat/tomcat@9.0.81

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.81

url pkg:maven/org.apache.tomcat/tomcat@10.1.14

purl pkg:maven/org.apache.tomcat/tomcat@10.1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.14

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M12

aliases CVE-2023-42795, GHSA-g8pj-r55q-5c2v

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kab-xsqw-37ed

url VCID-6wqu-jupw-tyhu

vulnerability_id VCID-6wqu-jupw-tyhu

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-55752

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.51126
published_at	2026-06-11T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.51257
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-55752

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06

reference_url

https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df

reference_url

https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109

reference_url

http://www.openwall.com/lists/oss-security/2025/10/27/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/10/27/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2406591
reference_id	2406591
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2406591

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752

reference_id

CVE-2025-55752

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-55752

reference_id

CVE-2025-55752

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-55752

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability

reference_id

CVE-2025-55752-DETECT-APACHE-TOMCAT-VULNERABILITY

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability

reference_id

CVE-2025-55752-MITIGATE-APACHE-TOMCAT-VULNERABILITY

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability

reference_url

https://github.com/advisories/GHSA-wmwf-9ccg-fff5

reference_id

GHSA-wmwf-9ccg-fff5

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wmwf-9ccg-fff5

reference_url

https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog

reference_id

n05kjcwyj1s45ovs8ll1qrrojhfb1tog

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-28T03:56:06Z/

url

https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog

reference_url	https://access.redhat.com/errata/RHSA-2025:19809
reference_id	RHSA-2025:19809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19809

reference_url	https://access.redhat.com/errata/RHSA-2025:19810
reference_id	RHSA-2025:19810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19810

reference_url	https://access.redhat.com/errata/RHSA-2025:22924
reference_id	RHSA-2025:22924
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22924

reference_url	https://access.redhat.com/errata/RHSA-2025:22925
reference_id	RHSA-2025:22925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22925

reference_url	https://access.redhat.com/errata/RHSA-2025:23044
reference_id	RHSA-2025:23044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23044

reference_url	https://access.redhat.com/errata/RHSA-2025:23045
reference_id	RHSA-2025:23045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23045

reference_url	https://access.redhat.com/errata/RHSA-2025:23046
reference_id	RHSA-2025:23046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23046

reference_url	https://access.redhat.com/errata/RHSA-2025:23047
reference_id	RHSA-2025:23047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23047

reference_url	https://access.redhat.com/errata/RHSA-2025:23048
reference_id	RHSA-2025:23048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23048

reference_url	https://access.redhat.com/errata/RHSA-2025:23049
reference_id	RHSA-2025:23049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23049

reference_url	https://access.redhat.com/errata/RHSA-2025:23050
reference_id	RHSA-2025:23050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23050

reference_url	https://access.redhat.com/errata/RHSA-2025:23051
reference_id	RHSA-2025:23051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23051

reference_url	https://access.redhat.com/errata/RHSA-2025:23052
reference_id	RHSA-2025:23052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23052

reference_url	https://access.redhat.com/errata/RHSA-2025:23053
reference_id	RHSA-2025:23053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23053

reference_url	https://access.redhat.com/errata/RHSA-2025:23225
reference_id	RHSA-2025:23225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23225

reference_url	https://access.redhat.com/errata/RHSA-2026:0292
reference_id	RHSA-2026:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0292

reference_url	https://access.redhat.com/errata/RHSA-2026:0293
reference_id	RHSA-2026:0293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0293

reference_url	https://access.redhat.com/errata/RHSA-2026:2724
reference_id	RHSA-2026:2724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2724

reference_url	https://access.redhat.com/errata/RHSA-2026:2725
reference_id	RHSA-2026:2725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2725

reference_url	https://access.redhat.com/errata/RHSA-2026:2726
reference_id	RHSA-2026:2726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2726

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.109

purl pkg:maven/org.apache.tomcat/tomcat@9.0.109

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.109

url pkg:maven/org.apache.tomcat/tomcat@10.1.45

purl pkg:maven/org.apache.tomcat/tomcat@10.1.45

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.45

url pkg:maven/org.apache.tomcat/tomcat@11.0.11

purl pkg:maven/org.apache.tomcat/tomcat@11.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.11

aliases CVE-2025-55752, GHSA-wmwf-9ccg-fff5

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wqu-jupw-tyhu

url VCID-7wr9-uez1-8bdg

vulnerability_id VCID-7wr9-uez1-8bdg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-25854

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.10241
published_at	2026-06-11T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.1029
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-25854

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25854

reference_url	https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695

reference_url	https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2

reference_url	https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-25854

reference_url

http://www.openwall.com/lists/oss-security/2026/04/09/21

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/09/21

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id	1133356
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id	1133357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457039
reference_id	2457039
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457039

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854

reference_id

CVE-2026-25854

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854

reference_url

https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0

reference_id

ghct3b6o74bp2vm7q875s1zh0dqrz3h0

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:21:57Z/

url

https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0

reference_url

https://github.com/advisories/GHSA-9m3c-qcxr-9x87

reference_id

GHSA-9m3c-qcxr-9x87

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9m3c-qcxr-9x87

reference_url	https://access.redhat.com/errata/RHSA-2026:20405
reference_id	RHSA-2026:20405
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20405

reference_url	https://access.redhat.com/errata/RHSA-2026:20406
reference_id	RHSA-2026:20406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20406

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116

url pkg:maven/org.apache.tomcat/tomcat@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2026-25854, GHSA-9m3c-qcxr-9x87

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wr9-uez1-8bdg

url VCID-97et-ubnp-wqcy

vulnerability_id VCID-97et-ubnp-wqcy

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-43512

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33696
published_at	2026-06-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33874
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-43512

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448

reference_url

https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9

reference_url

https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-43512

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-43512

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/8

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2476511
reference_id	2476511
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2476511

reference_url

https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73

reference_id

7x09x7o12solvclslw3sz0288xc8wx73

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:38:42Z/

url

https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512

reference_id

CVE-2026-43512

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512

reference_url

https://github.com/advisories/GHSA-h6fc-48rj-7qqh

reference_id

GHSA-h6fc-48rj-7qqh

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h6fc-48rj-7qqh

reference_url	https://access.redhat.com/errata/RHSA-2026:13745
reference_id	RHSA-2026:13745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13745

reference_url	https://access.redhat.com/errata/RHSA-2026:16528
reference_id	RHSA-2026:16528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:16528

reference_url	https://access.redhat.com/errata/RHSA-2026:25123
reference_id	RHSA-2026:25123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:25123

reference_url	https://usn.ubuntu.com/8383-1/
reference_id	USN-8383-1
reference_type
scores
url	https://usn.ubuntu.com/8383-1/

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-43512, GHSA-h6fc-48rj-7qqh

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97et-ubnp-wqcy

url VCID-9xyf-k9wq-g7b9

vulnerability_id VCID-9xyf-k9wq-g7b9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42498.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42498.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42498

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.15929
published_at	2026-06-11T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.16071
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42498

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423

reference_url

https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5

reference_url

https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42498

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42498

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/14

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/14

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2476516
reference_id	2476516
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2476516

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498

reference_id

CVE-2026-42498

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498

reference_url

https://github.com/advisories/GHSA-fv25-8xcx-gqjc

reference_id

GHSA-fv25-8xcx-gqjc

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fv25-8xcx-gqjc

reference_url

https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb

reference_id

n61zwf75jrv09rz90j4jssncm244bwdb

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:58:45Z/

url

https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-42498, GHSA-fv25-8xcx-gqjc

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9xyf-k9wq-g7b9

url VCID-dj7q-4map-ebg4

vulnerability_id VCID-dj7q-4map-ebg4

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-43515

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26417
published_at	2026-06-11T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26619
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-43515

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36

reference_url	https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36

reference_url

https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9

reference_url

https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-43515

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-43515

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/11

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/11

reference_url

https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb

reference_id

746nxfxod0wsocxtmv8pb8nkgmwpc6bb

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:33:57Z/

url

https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515

reference_id

CVE-2026-43515

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515

reference_url

https://github.com/advisories/GHSA-5m62-pw8w-7w9f

reference_id

GHSA-5m62-pw8w-7w9f

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5m62-pw8w-7w9f

reference_url	https://usn.ubuntu.com/8383-1/
reference_id	USN-8383-1
reference_type
scores
url	https://usn.ubuntu.com/8383-1/

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-43515, GHSA-5m62-pw8w-7w9f

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj7q-4map-ebg4

url VCID-euv9-huaz-y3d1

vulnerability_id VCID-euv9-huaz-y3d1

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13934

reference_id

reference_type

scores

value	0.2338
scoring_system	epss
scoring_elements	0.96093
published_at	2026-06-12T12:55:00Z

value	0.2338
scoring_system	epss
scoring_elements	0.96081
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13934

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

reference_url	https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399

reference_url	https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e

reference_url	https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857040
reference_id	1857040
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857040

reference_url

reference_id

AVG-1205

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934

reference_url

reference_id

CVE-2020-13934

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-13934

reference_id

CVE-2020-13934

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-13934

reference_url

https://github.com/advisories/GHSA-vf77-8h7g-gghp

reference_id

GHSA-vf77-8h7g-gghp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vf77-8h7g-gghp

reference_url	https://access.redhat.com/errata/RHSA-2020:3306
reference_id	RHSA-2020:3306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3306

reference_url	https://access.redhat.com/errata/RHSA-2020:3308
reference_id	RHSA-2020:3308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3308

reference_url	https://access.redhat.com/errata/RHSA-2020:3806
reference_id	RHSA-2020:3806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3806

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

reference_url	https://usn.ubuntu.com/4596-1/
reference_id	USN-4596-1
reference_type
scores
url	https://usn.ubuntu.com/4596-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.36

purl pkg:maven/org.apache.tomcat/tomcat@9.0.36

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36

url pkg:maven/org.apache.tomcat/tomcat@9.0.37

purl pkg:maven/org.apache.tomcat/tomcat@9.0.37

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37

url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-qvgx-r4rr-xugp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

aliases CVE-2020-13934, GHSA-vf77-8h7g-gghp

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euv9-huaz-y3d1

url VCID-fwgq-vmfm-j7bh

vulnerability_id VCID-fwgq-vmfm-j7bh

summary

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2633

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2633

reference_url

https://access.redhat.com/errata/RHSA-2017:2635

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2635

reference_url

https://access.redhat.com/errata/RHSA-2017:2636

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2636

reference_url

https://access.redhat.com/errata/RHSA-2017:2637

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2637

reference_url

https://access.redhat.com/errata/RHSA-2017:2638

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2638

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5664.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5664.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5664

reference_id

reference_type

scores

value	0.10802
scoring_system	epss
scoring_elements	0.93519
published_at	2026-06-11T12:55:00Z

value	0.10802
scoring_system	epss
scoring_elements	0.9354
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5664

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/25d3c0d93190ef165ecd6c744bc15b5059abfa8f

reference_url	https://github.com/apache/tomcat70/commit/3bfe9fb886598c4d8ecbe674216152006bbce456
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/3bfe9fb886598c4d8ecbe674216152006bbce456

reference_url	https://github.com/apache/tomcat70/commit/58b32048ce25cb812ae394dafb0cd57254c68155
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/58b32048ce25cb812ae394dafb0cd57254c68155

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/25d3c0d93190ef165ecd6c744bc15b5059abfa8f

reference_url

https://github.com/apache/tomcat80/commit/e070a31ec81b56377822e44883c64abb41f36a3b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/e070a31ec81b56377822e44883c64abb41f36a3b

reference_url	https://github.com/apache/tomcat85/commit/29893e66111d33cfe99dd01cb146317c0c262ef4
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/29893e66111d33cfe99dd01cb146317c0c262ef4

reference_url	https://github.com/apache/tomcat85/commit/3242efea525df01d15da6e90ea69a9a21b10b454
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/3242efea525df01d15da6e90ea69a9a21b10b454

reference_url

https://github.com/apache/tomcat/commit/29893e66111d33cfe99dd01cb146317c0c262ef4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/29893e66111d33cfe99dd01cb146317c0c262ef4

reference_url

https://github.com/apache/tomcat/commit/3242efea525df01d15da6e90ea69a9a21b10b454

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3242efea525df01d15da6e90ea69a9a21b10b454

reference_url

https://github.com/apache/tomcat/commit/3bfe9fb886598c4d8ecbe674216152006bbce456

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3bfe9fb886598c4d8ecbe674216152006bbce456

reference_url

https://github.com/apache/tomcat/commit/4545dcce444aa619374a659cb450dbbd0be3c921

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4545dcce444aa619374a659cb450dbbd0be3c921

reference_url

https://github.com/apache/tomcat/commit/58b32048ce25cb812ae394dafb0cd57254c68155

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/58b32048ce25cb812ae394dafb0cd57254c68155

reference_url

https://github.com/apache/tomcat/commit/7d93527254d9e9371b342800617f20d13c8b85ad

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7d93527254d9e9371b342800617f20d13c8b85ad

reference_url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5664

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5664

reference_url

https://security.netapp.com/advisory/ntap-20171019-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20171019-0002

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793468
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793468

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793469
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793469

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793470
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793470

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793471
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793471

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793487
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793487

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793488
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793488

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793489
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793489

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1793491
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1793491

reference_url

https://web.archive.org/web/20170801120345/http://www.securitytracker.com/id/1038641

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170801120345/http://www.securitytracker.com/id/1038641

reference_url

https://web.archive.org/web/20170805032345/http://www.securityfocus.com/bid/98888

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170805032345/http://www.securityfocus.com/bid/98888

reference_url

http://www.debian.org/security/2017/dsa-3891

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2017/dsa-3891

reference_url

http://www.debian.org/security/2017/dsa-3892

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2017/dsa-3892

reference_url	http://www.securityfocus.com/bid/98888
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/98888

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1459158
reference_id	1459158
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1459158

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664

reference_id

CVE-2017-5664

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664

reference_url

https://github.com/advisories/GHSA-jmvv-524f-hj5j

reference_id

GHSA-jmvv-524f-hj5j

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jmvv-524f-hj5j

reference_url

reference_id

RHSA-2017:2493

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

RHSA-2017:2494

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

RHSA-2017:3080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/3519-1/
reference_id	USN-3519-1
reference_type
scores
url	https://usn.ubuntu.com/3519-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M21

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M21

aliases CVE-2017-5664, GHSA-jmvv-524f-hj5j

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwgq-vmfm-j7bh

url VCID-fy3t-qn64-bkhn

vulnerability_id VCID-fy3t-qn64-bkhn

summary

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5647.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5647.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5647

reference_id

reference_type

scores

value	0.02275
scoring_system	epss
scoring_elements	0.8502
published_at	2026-06-11T12:55:00Z

value	0.02275
scoring_system	epss
scoring_elements	0.85072
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5647

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/ec10b8c785d1db91fe58946436f854dde04410fd

reference_url	https://github.com/apache/tomcat70/commit/a4efd3ca1ccbdfc398136d76c0d8b7ad5a1e4905
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/a4efd3ca1ccbdfc398136d76c0d8b7ad5a1e4905

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/ec10b8c785d1db91fe58946436f854dde04410fd

reference_url	https://github.com/apache/tomcat85/commit/f5e06b8c743b1daa9eb5e817863958b6b320e044
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/f5e06b8c743b1daa9eb5e817863958b6b320e044

reference_url

https://github.com/apache/tomcat/commit/864aa1199ad2cccc9a7e7c6b977f7d7f812c9910

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/864aa1199ad2cccc9a7e7c6b977f7d7f812c9910

reference_url

https://github.com/apache/tomcat/commit/a4efd3ca1ccbdfc398136d76c0d8b7ad5a1e4905

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a4efd3ca1ccbdfc398136d76c0d8b7ad5a1e4905

reference_url

https://github.com/apache/tomcat/commit/f5e06b8c743b1daa9eb5e817863958b6b320e044

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f5e06b8c743b1daa9eb5e817863958b6b320e044

reference_url

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03730en_us

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03730en_us

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a%40%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a%40%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5647

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5647

reference_url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_url	https://security.netapp.com/advisory/ntap-20180614-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180614-0001/

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788890
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788890

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788932
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788932

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788999
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788999

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1789008
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1789008

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1789024
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1789024

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1789155
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1789155

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1789856
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1789856

reference_url

https://web.archive.org/web/20170420114447/http://www.securitytracker.com/id/1038218

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170420114447/http://www.securitytracker.com/id/1038218

reference_url

http://www.arubanetworks.com/assets/alert/HPESBHF03730.txt

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.arubanetworks.com/assets/alert/HPESBHF03730.txt

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647

reference_url	http://www.securitytracker.com/id/1038218
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1038218

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1441205
reference_id	1441205
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1441205

reference_url

reference_id

CVE-2017-5647

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647

reference_url

https://github.com/advisories/GHSA-3gv7-3h64-78cm

reference_id

GHSA-3gv7-3h64-78cm

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3gv7-3h64-78cm

reference_url

reference_id

RHSA-2017:2493

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

RHSA-2017:2494

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

RHSA-2017:3080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3081

reference_url

reference_id

RHSA-2017:3081

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3081

reference_url	https://usn.ubuntu.com/3519-1/
reference_id	USN-3519-1
reference_type
scores
url	https://usn.ubuntu.com/3519-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

aliases CVE-2017-5647, GHSA-3gv7-3h64-78cm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fy3t-qn64-bkhn

url VCID-gecz-htub-27gx

vulnerability_id VCID-gecz-htub-27gx

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-11996

reference_id

reference_type

scores

value	0.45121
scoring_system	epss
scoring_elements	0.97677
published_at	2026-06-11T12:55:00Z

value	0.45121
scoring_system	epss
scoring_elements	0.97687
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-11996

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509

reference_url

https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976

reference_url

https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552

reference_url

https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

reference_url

https://security.netapp.com/advisory/ntap-20200709-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200709-0002

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.archlinux.org/AVG-1196

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1851420
reference_id	1851420
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1851420

reference_url

reference_id

AVG-1196

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1196

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996

reference_id

CVE-2020-11996

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-11996

reference_id

CVE-2020-11996

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-11996

reference_url

https://github.com/advisories/GHSA-53hp-jpwq-2jgq

reference_id

GHSA-53hp-jpwq-2jgq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-53hp-jpwq-2jgq

reference_url	https://access.redhat.com/errata/RHSA-2020:5170
reference_id	RHSA-2020:5170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5170

reference_url	https://access.redhat.com/errata/RHSA-2020:5173
reference_id	RHSA-2020:5173
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5173

reference_url	https://access.redhat.com/errata/RHSA-2020:5388
reference_id	RHSA-2020:5388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5388

reference_url	https://access.redhat.com/errata/RHSA-2021:0292
reference_id	RHSA-2021:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0292

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

reference_url	https://usn.ubuntu.com/4596-1/
reference_id	USN-4596-1
reference_type
scores
url	https://usn.ubuntu.com/4596-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.35

purl pkg:maven/org.apache.tomcat/tomcat@9.0.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fbxk-sjfu-eyf1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.35

url pkg:maven/org.apache.tomcat/tomcat@9.0.36

purl pkg:maven/org.apache.tomcat/tomcat@9.0.36

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36

url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5

purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fbxk-sjfu-eyf1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5

url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6

aliases CVE-2020-11996, GHSA-53hp-jpwq-2jgq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gecz-htub-27gx

url VCID-hv33-kv9q-gugf

vulnerability_id VCID-hv33-kv9q-gugf

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-43513

reference_id

reference_type

scores

value	0.00082
scoring_system	epss
scoring_elements	0.24017
published_at	2026-06-11T12:55:00Z

value	0.00082
scoring_system	epss
scoring_elements	0.24213
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-43513

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2

reference_url

https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717

reference_url

https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-43513

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-43513

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/9

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/9

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513

reference_id

CVE-2026-43513

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513

reference_url

https://github.com/advisories/GHSA-5mp6-jrq3-r938

reference_id

GHSA-5mp6-jrq3-r938

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5mp6-jrq3-r938

reference_url	https://usn.ubuntu.com/8383-1/
reference_id	USN-8383-1
reference_type
scores
url	https://usn.ubuntu.com/8383-1/

reference_url	https://usn.ubuntu.com/8417-1/
reference_id	USN-8417-1
reference_type
scores
url	https://usn.ubuntu.com/8417-1/

reference_url

https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp

reference_id

ytjcgldshj73lcnd1sh95od5hrghwogp

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T16:34:43Z/

url

https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-43513, GHSA-5mp6-jrq3-r938

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv33-kv9q-gugf

url VCID-keh1-ycs9-ybdd

vulnerability_id VCID-keh1-ycs9-ybdd

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61795

reference_id

reference_type

scores

value	0.00129
scoring_system	epss
scoring_elements	0.31943
published_at	2026-06-11T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32128
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61795

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06

reference_url

https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0

reference_url

https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110

reference_url

http://www.openwall.com/lists/oss-security/2025/10/27/6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/10/27/6

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
reference_id	1119293
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
reference_id	1119294
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2406588
reference_id	2406588
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2406588

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795

reference_id

CVE-2025-61795

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-61795

reference_id

CVE-2025-61795

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-61795

reference_url

https://github.com/advisories/GHSA-hgrr-935x-pq79

reference_id

GHSA-hgrr-935x-pq79

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hgrr-935x-pq79

reference_url	https://access.redhat.com/errata/RHSA-2025:19809
reference_id	RHSA-2025:19809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19809

reference_url	https://access.redhat.com/errata/RHSA-2025:19810
reference_id	RHSA-2025:19810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19810

reference_url	https://access.redhat.com/errata/RHSA-2025:23050
reference_id	RHSA-2025:23050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23050

reference_url	https://access.redhat.com/errata/RHSA-2025:23051
reference_id	RHSA-2025:23051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23051

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

reference_url

https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp

reference_id

wm9mx8brmx9g4zpywm06ryrtvd3160pp

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T18:48:52Z/

url

https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.110

purl pkg:maven/org.apache.tomcat/tomcat@9.0.110

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.110

url pkg:maven/org.apache.tomcat/tomcat@10.1.47

purl pkg:maven/org.apache.tomcat/tomcat@10.1.47

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.47

url pkg:maven/org.apache.tomcat/tomcat@11.0.12

purl pkg:maven/org.apache.tomcat/tomcat@11.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.12

aliases CVE-2025-61795, GHSA-hgrr-935x-pq79

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keh1-ycs9-ybdd

url VCID-m3py-3ba2-jkg7

vulnerability_id VCID-m3py-3ba2-jkg7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25762

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.71284
published_at	2026-06-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.71195
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25762

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c

reference_url	https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99

reference_url	https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015

reference_url	https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183

reference_url	https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc

reference_url	https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25762

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25762

reference_url

https://security.netapp.com/advisory/ntap-20220629-0003

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220629-0003

reference_url	https://security.netapp.com/advisory/ntap-20220629-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220629-0003/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2085304
reference_id	2085304
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2085304

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762

reference_id

CVE-2022-25762

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762

reference_url

https://github.com/advisories/GHSA-h3ch-5pp2-vh6w

reference_id

GHSA-h3ch-5pp2-vh6w

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h3ch-5pp2-vh6w

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.20

purl pkg:maven/org.apache.tomcat/tomcat@9.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.20

url pkg:maven/org.apache.tomcat/tomcat@9.0.21

purl pkg:maven/org.apache.tomcat/tomcat@9.0.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.21

aliases CVE-2022-25762, GHSA-h3ch-5pp2-vh6w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3py-3ba2-jkg7

url VCID-ngy5-k9cv-rkbn

vulnerability_id VCID-ngy5-k9cv-rkbn

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54677.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54677.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-54677

reference_id

reference_type

scores

value	0.01228
scoring_system	epss
scoring_elements	0.79627
published_at	2026-06-12T12:55:00Z

value	0.01228
scoring_system	epss
scoring_elements	0.79562
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-54677

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1d88dd3ffaed76188dd4ee32ce77709ce6e153cd

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1d88dd3ffaed76188dd4ee32ce77709ce6e153cd

reference_url

https://github.com/apache/tomcat/commit/3315a9027a7eaab18f42625b97b569940ff1365d

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3315a9027a7eaab18f42625b97b569940ff1365d

reference_url

https://github.com/apache/tomcat/commit/4a335c6dcba8d6f8a54629eda392a50da267bdf4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4a335c6dcba8d6f8a54629eda392a50da267bdf4

reference_url

https://github.com/apache/tomcat/commit/4d5cc6538d91386f950373ac8120e98c2c78ed3a

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4d5cc6538d91386f950373ac8120e98c2c78ed3a

reference_url

https://github.com/apache/tomcat/commit/4f0236606961176257b883213e1621b1859ed746

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4f0236606961176257b883213e1621b1859ed746

reference_url

https://github.com/apache/tomcat/commit/54e56495e9a106218efe9fc9c79d976c0032bbfd

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/54e56495e9a106218efe9fc9c79d976c0032bbfd

reference_url

https://github.com/apache/tomcat/commit/721544ea28e92549824b106be954a9f411867a1c

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/721544ea28e92549824b106be954a9f411867a1c

reference_url

https://github.com/apache/tomcat/commit/722814668708c42a61b0c1e340b15bc2b785c0d1

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/722814668708c42a61b0c1e340b15bc2b785c0d1

reference_url

https://github.com/apache/tomcat/commit/75ff7e8622edcc024b268677aa789ee8f0880ecc

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/75ff7e8622edcc024b268677aa789ee8f0880ecc

reference_url

https://github.com/apache/tomcat/commit/84065e26ca4555e63a922bb29b13b0a1c86b7654

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/84065e26ca4555e63a922bb29b13b0a1c86b7654

reference_url

https://github.com/apache/tomcat/commit/84c4af76e7a10fc7f8630ce62e6a46632ea4a90e

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/84c4af76e7a10fc7f8630ce62e6a46632ea4a90e

reference_url

https://github.com/apache/tomcat/commit/9ffd23fc27f5d1fc95bf97e5cea175c8968f4533

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9ffd23fc27f5d1fc95bf97e5cea175c8968f4533

reference_url

https://github.com/apache/tomcat/commit/a95bf2b0303442a2c9a1ac364b0e63b56049e33a

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a95bf2b0303442a2c9a1ac364b0e63b56049e33a

reference_url

https://github.com/apache/tomcat/commit/aa5b4d0043289cf054f531ec55126c980d3572e1

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/aa5b4d0043289cf054f531ec55126c980d3572e1

reference_url	https://github.com/apache/tomcat/commit/b1f65728b37d7d227a0764344473b7e261a13408
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b1f65728b37d7d227a0764344473b7e261a13408

reference_url

https://github.com/apache/tomcat/commit/bbd82e9593314ade4cfd57248f9285fbad686f66

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/bbd82e9593314ade4cfd57248f9285fbad686f66

reference_url

https://github.com/apache/tomcat/commit/c0a23927ea5e061ca3fdff695138464179fe674a

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c0a23927ea5e061ca3fdff695138464179fe674a

reference_url

https://github.com/apache/tomcat/commit/c2f7ce21c3fb12caefee87c517a8bb4f80700044

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c2f7ce21c3fb12caefee87c517a8bb4f80700044

reference_url

https://github.com/apache/tomcat/commit/cb1707685472994e9d924746f8c91cb116fa5213

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cb1707685472994e9d924746f8c91cb116fa5213

reference_url

https://github.com/apache/tomcat/commit/d63a10afc142b12f462a15f7d10f79fd80ff94eb

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/d63a10afc142b12f462a15f7d10f79fd80ff94eb

reference_url

https://github.com/apache/tomcat/commit/dbec927859d9484cb8bd680a7c67b1a560f48444

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/dbec927859d9484cb8bd680a7c67b1a560f48444

reference_url

https://github.com/apache/tomcat/commit/e8c16cdba833884e1bd49fff1f1cb699da177585

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/e8c16cdba833884e1bd49fff1f1cb699da177585

reference_url

https://github.com/apache/tomcat/commit/f57a9d9847c1038be61f5818d73b8be907c460d4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f57a9d9847c1038be61f5818d73b8be907c460d4

reference_url

https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-54677

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-54677

reference_url

https://security.netapp.com/advisory/ntap-20250131-0006

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250131-0006

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98

reference_url

http://www.openwall.com/lists/oss-security/2024/12/17/5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/12/17/5

reference_url

http://www.openwall.com/lists/oss-security/2024/12/17/6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/12/17/6

reference_url

http://www.openwall.com/lists/oss-security/2024/12/18/1

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/12/18/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2332815
reference_id	2332815
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2332815

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677

reference_id

CVE-2024-54677

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677

reference_url	https://github.com/advisories/GHSA-653p-vg55-5652
reference_id	GHSA-653p-vg55-5652
reference_type
scores
url	https://github.com/advisories/GHSA-653p-vg55-5652

reference_url	https://access.redhat.com/errata/RHSA-2025:7497
reference_id	RHSA-2025:7497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7497

reference_url

https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n

reference_id

tdtbbxpg5trdwc2wnopcth9ccvdftq2n

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	2.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-17T16:41:40Z/

url

https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n

reference_url	https://usn.ubuntu.com/7705-1/
reference_id	USN-7705-1
reference_type
scores
url	https://usn.ubuntu.com/7705-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.98

purl pkg:maven/org.apache.tomcat/tomcat@9.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.98

url pkg:maven/org.apache.tomcat/tomcat@10.1.34

purl pkg:maven/org.apache.tomcat/tomcat@10.1.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.34

url pkg:maven/org.apache.tomcat/tomcat@11.0.2

purl pkg:maven/org.apache.tomcat/tomcat@11.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.2

aliases CVE-2024-54677, GHSA-653p-vg55-5652

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngy5-k9cv-rkbn

url VCID-p4j1-xp15-t3b8

vulnerability_id VCID-p4j1-xp15-t3b8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66614.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-66614

reference_id

reference_type

scores

value	0.00051
scoring_system	epss
scoring_elements	0.16385
published_at	2026-06-11T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.1653
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-66614

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30

reference_url	https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/021d1f833e38b683a44688f7b28f1f27e8e37c36

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30

reference_url

https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2

reference_url	https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02

reference_url

https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4

reference_url

https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940

reference_url	https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/95f7778248cac46d03e6af04de9c72a598be3a53

reference_url

https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e

reference_url

https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2440430
reference_id	2440430
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2440430

reference_url

reference_id

CVE-2025-66614

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66614

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-66614

reference_id

CVE-2025-66614

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-66614

reference_url

https://github.com/advisories/GHSA-fpj8-gq4v-p354

reference_id

GHSA-fpj8-gq4v-p354

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fpj8-gq4v-p354

reference_url	https://access.redhat.com/errata/RHSA-2026:12194
reference_id	RHSA-2026:12194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:12194

reference_url	https://access.redhat.com/errata/RHSA-2026:12195
reference_id	RHSA-2026:12195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:12195

reference_url	https://access.redhat.com/errata/RHSA-2026:6569
reference_id	RHSA-2026:6569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6569

reference_url	https://access.redhat.com/errata/RHSA-2026:8334
reference_id	RHSA-2026:8334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8334

reference_url

https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7

reference_id

vw6lxtlh2qbqwpb61wd3sv1flm2nttw7

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-21T21:17:26Z/

url

https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.113

purl pkg:maven/org.apache.tomcat/tomcat@9.0.113

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.113

url pkg:maven/org.apache.tomcat/tomcat@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116

url pkg:maven/org.apache.tomcat/tomcat@10.1.50

purl pkg:maven/org.apache.tomcat/tomcat@10.1.50

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.50

url pkg:maven/org.apache.tomcat/tomcat@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53

url pkg:maven/org.apache.tomcat/tomcat@11.0.15

purl pkg:maven/org.apache.tomcat/tomcat@11.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.15

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2025-66614, GHSA-fpj8-gq4v-p354

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4j1-xp15-t3b8

url VCID-p65m-6crd-bufr

vulnerability_id VCID-p65m-6crd-bufr

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13935

reference_id

reference_type

scores

value	0.92155
scoring_system	epss
scoring_elements	0.99728
published_at	2026-06-12T12:55:00Z

value	0.92155
scoring_system	epss
scoring_elements	0.99726
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13935

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5

reference_url

https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3

reference_url

https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d

reference_url

https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784

reference_url

https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84

reference_url

https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html

reference_url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200724-0003

reference_url	https://security.netapp.com/advisory/ntap-20200724-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200724-0003/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-7.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-7.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4448-1

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4448-1

reference_url	https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4448-1/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857024
reference_id	1857024
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857024

reference_url

reference_id

AVG-1205

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935

reference_url

reference_id

CVE-2020-13935

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-13935

reference_id

CVE-2020-13935

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-13935

reference_url

https://github.com/advisories/GHSA-m7jv-hq7h-mq7c

reference_id

GHSA-m7jv-hq7h-mq7c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m7jv-hq7h-mq7c

reference_url	https://access.redhat.com/errata/RHSA-2020:3303
reference_id	RHSA-2020:3303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3303

reference_url	https://access.redhat.com/errata/RHSA-2020:3305
reference_id	RHSA-2020:3305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3305

reference_url	https://access.redhat.com/errata/RHSA-2020:3306
reference_id	RHSA-2020:3306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3306

reference_url	https://access.redhat.com/errata/RHSA-2020:3308
reference_id	RHSA-2020:3308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3308

reference_url	https://access.redhat.com/errata/RHSA-2020:3382
reference_id	RHSA-2020:3382
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3382

reference_url	https://access.redhat.com/errata/RHSA-2020:3383
reference_id	RHSA-2020:3383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3383

reference_url	https://access.redhat.com/errata/RHSA-2020:3806
reference_id	RHSA-2020:3806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3806

reference_url	https://access.redhat.com/errata/RHSA-2020:4004
reference_id	RHSA-2020:4004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4004

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

reference_url	https://access.redhat.com/errata/RHSA-2022:5458
reference_id	RHSA-2022:5458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5458

reference_url	https://access.redhat.com/errata/RHSA-2022:5459
reference_id	RHSA-2022:5459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5459

reference_url	https://access.redhat.com/errata/RHSA-2022:5460
reference_id	RHSA-2022:5460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5460

reference_url	https://usn.ubuntu.com/4596-1/
reference_id	USN-4596-1
reference_type
scores
url	https://usn.ubuntu.com/4596-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.37

purl pkg:maven/org.apache.tomcat/tomcat@9.0.37

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37

url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-qvgx-r4rr-xugp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7

aliases CVE-2020-13935, GHSA-m7jv-hq7h-mq7c

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p65m-6crd-bufr

url VCID-qxbw-zvw5-ckdp

vulnerability_id VCID-qxbw-zvw5-ckdp

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12418.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12418.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12418

reference_id

reference_type

scores

value	0.00481
scoring_system	epss
scoring_elements	0.65589
published_at	2026-06-11T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65687
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12418

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3

reference_url	https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00

reference_url	https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200107-0001

reference_url	https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200107-0001/

reference_url

https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4251-1/

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1785699
reference_id	1785699
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1785699

reference_url

reference_id

CVE-2019-12418

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-12418

reference_id

CVE-2019-12418

reference_type

scores

value	7.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-12418

reference_url

https://github.com/advisories/GHSA-hh3j-x4mc-g48r

reference_id

GHSA-hh3j-x4mc-g48r

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hh3j-x4mc-g48r

reference_url	https://access.redhat.com/errata/RHSA-2020:0860
reference_id	RHSA-2020:0860
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0860

reference_url	https://access.redhat.com/errata/RHSA-2020:0861
reference_id	RHSA-2020:0861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0861

reference_url	https://access.redhat.com/errata/RHSA-2020:1520
reference_id	RHSA-2020:1520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1520

reference_url	https://access.redhat.com/errata/RHSA-2020:1521
reference_id	RHSA-2020:1521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1521

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.29

purl pkg:maven/org.apache.tomcat/tomcat@9.0.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bv5e-eycn-n7e2

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.29

aliases CVE-2019-12418, GHSA-hh3j-x4mc-g48r

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxbw-zvw5-ckdp

url VCID-qxfb-yg6b-nfda

vulnerability_id VCID-qxfb-yg6b-nfda

summary

references

reference_url

https://access.redhat.com/errata/RHSA-2018:1320

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1320

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1305

reference_id

reference_type

scores

value	0.21578
scoring_system	epss
scoring_elements	0.95848
published_at	2026-06-11T12:55:00Z

value	0.21578
scoring_system	epss
scoring_elements	0.95862
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1305

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a

reference_url

https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab

reference_url

https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1

reference_url

https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a

reference_url

https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073

reference_url

https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895

reference_url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html

reference_url

https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html

reference_url

https://security.netapp.com/advisory/ntap-20180706-0001

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180706-0001

reference_url	https://security.netapp.com/advisory/ntap-20180706-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180706-0001/

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1823310
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1823310

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1823314
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1823314

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1823319
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1823319

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1823322
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1823322

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1824323
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1824323

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1824358
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1824358

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1824359
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1824359

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1824360
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1824360

reference_url

https://usn.ubuntu.com/3665-1

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/3665-1

reference_url

https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144

reference_url

https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428

reference_url	http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/103144

reference_url	http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040428

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1548282
reference_id	1548282
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1548282

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305

reference_id

CVE-2018-1305

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1305

reference_id

CVE-2018-1305

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1305

reference_url

https://github.com/advisories/GHSA-jx6h-3fjx-cgv5

reference_id

GHSA-jx6h-3fjx-cgv5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jx6h-3fjx-cgv5

reference_url

https://access.redhat.com/errata/RHSA-2018:0465

reference_id

RHSA-2018:0465

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0465

reference_url

https://access.redhat.com/errata/RHSA-2018:0466

reference_id

RHSA-2018:0466

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0466

reference_url

https://access.redhat.com/errata/RHSA-2018:2939

reference_id

RHSA-2018:2939

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2939

reference_url

https://access.redhat.com/errata/RHSA-2019:2205

reference_id

RHSA-2019:2205

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:2205

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.5

purl pkg:maven/org.apache.tomcat/tomcat@9.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-ht8m-9gxn-mkaa

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.5

aliases CVE-2018-1305, GHSA-jx6h-3fjx-cgv5

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxfb-yg6b-nfda

url VCID-s2kf-jwgc-pfas

vulnerability_id VCID-s2kf-jwgc-pfas

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-43514

reference_id

reference_type

scores

value	0.001
scoring_system	epss
scoring_elements	0.27214
published_at	2026-06-11T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27415
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-43514

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa

reference_url	https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa

reference_url

https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e

reference_url	https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508

reference_url

https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-43514

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-43514

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/10

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/05/12/10

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2476512
reference_id	2476512
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2476512

reference_url

https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m

reference_id

2k654v5cq123npfsd1b2kk1y30owqb1m

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:22:38Z/

url

https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514

reference_id

CVE-2026-43514

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514

reference_url

https://github.com/advisories/GHSA-9m89-8frq-c98c

reference_id

GHSA-9m89-8frq-c98c

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9m89-8frq-c98c

fixed_packages

url	pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118

url	pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl	pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55

url	pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl	pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22

aliases CVE-2026-43514, GHSA-9m89-8frq-c98c

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2kf-jwgc-pfas

url VCID-t8tc-zb3w-57gv

vulnerability_id VCID-t8tc-zb3w-57gv

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-24880

reference_id

reference_type

scores

value	0.00176
scoring_system	epss
scoring_elements	0.38954
published_at	2026-06-11T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39126
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-24880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a

reference_url

https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb

reference_url

https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5

reference_url

https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c

reference_url

https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522

reference_url

https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-24880

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-24880

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116

reference_url

https://www.herodevs.com/vulnerability-directory/cve-2026-24880

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.herodevs.com/vulnerability-directory/cve-2026-24880

reference_url

http://www.openwall.com/lists/oss-security/2026/04/09/20

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2026/04/09/20

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id	1133356
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id	1133357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2457040
reference_id	2457040
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2457040

reference_url

https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn

reference_id

2c682qnlg2tv4o5knlggqbl9yc2gb5sn

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:33:19Z/

url

https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880

reference_id

CVE-2026-24880

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880

reference_url

https://github.com/advisories/GHSA-563x-q5rq-57qp

reference_id

GHSA-563x-q5rq-57qp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-563x-q5rq-57qp

reference_url	https://access.redhat.com/errata/RHSA-2026:20405
reference_id	RHSA-2026:20405
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20405

reference_url	https://access.redhat.com/errata/RHSA-2026:20406
reference_id	RHSA-2026:20406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20406

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.116

purl pkg:maven/org.apache.tomcat/tomcat@9.0.116

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116

url pkg:maven/org.apache.tomcat/tomcat@10.1.52

purl pkg:maven/org.apache.tomcat/tomcat@10.1.52

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-r6yr-45cm-8ucv

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.52

url pkg:maven/org.apache.tomcat/tomcat@10.1.53

purl pkg:maven/org.apache.tomcat/tomcat@10.1.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53

url pkg:maven/org.apache.tomcat/tomcat@11.0.20

purl pkg:maven/org.apache.tomcat/tomcat@11.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-nfmu-1t27-e3fu

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20

aliases CVE-2026-24880, GHSA-563x-q5rq-57qp

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8tc-zb3w-57gv

url VCID-urhx-sw6q-cqce

vulnerability_id VCID-urhx-sw6q-cqce

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5651.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5651.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5651

reference_id

reference_type

scores

value	0.06144
scoring_system	epss
scoring_elements	0.91041
published_at	2026-06-12T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.91011
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5651

reference_url

https://bz.apache.org/bugzilla/show_bug.cgi?id=60918

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bz.apache.org/bugzilla/show_bug.cgi?id=60918

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/494429ca210641b6b7affe89a2b0a6c0ff70109b

reference_url	https://github.com/apache/tomcat85/commit/494429ca210641b6b7affe89a2b0a6c0ff70109b
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/494429ca210641b6b7affe89a2b0a6c0ff70109b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/494429ca210641b6b7affe89a2b0a6c0ff70109b

reference_url

https://github.com/apache/tomcat/commit/9233d9d6a018be4415d4d7d6cb4fe01176adf1a8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/9233d9d6a018be4415d4d7d6cb4fe01176adf1a8

reference_url

https://github.com/search?q=repo%3Aapache%2Ftomcat+apache.coyote+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/search?q=repo%3Aapache%2Ftomcat+apache.coyote+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5651

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5651

reference_url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_url	https://security.netapp.com/advisory/ntap-20180614-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180614-0001/

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788544
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788544

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788546
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788546

reference_url

https://web.archive.org/web/20170417124228/http://www.securityfocus.com/bid/97544

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170417124228/http://www.securityfocus.com/bid/97544

reference_url

https://web.archive.org/web/20170420113605/http://www.securitytracker.com/id/1038219

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170420113605/http://www.securitytracker.com/id/1038219

reference_url	http://www.securityfocus.com/bid/97544
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97544

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1441226
reference_id	1441226
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1441226

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651

reference_id

CVE-2017-5651

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651

reference_url

https://github.com/advisories/GHSA-9hg2-395j-83rm

reference_id

GHSA-9hg2-395j-83rm

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9hg2-395j-83rm

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

aliases CVE-2017-5651, GHSA-9hg2-395j-83rm

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urhx-sw6q-cqce

url VCID-uyc3-3cnp-wqf3

vulnerability_id VCID-uyc3-3cnp-wqf3

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-41080

reference_id

reference_type

scores

value	0.11586
scoring_system	epss
scoring_elements	0.93829
published_at	2026-06-12T12:55:00Z

value	0.11586
scoring_system	epss
scoring_elements	0.93808
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-41080

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b

reference_url

https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b

reference_url

https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27

reference_url

https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-41080

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-41080

reference_url

https://security.netapp.com/advisory/ntap-20230921-0006

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230921-0006

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2235370
reference_id	2235370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2235370

reference_url

https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f

reference_id

71wvwprtx2j2m54fovq9zr7gbm2wow2f

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:42:58Z/

url

https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080

reference_id

CVE-2023-41080

reference_type

scores

value	Moderate
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080

reference_url

https://github.com/advisories/GHSA-q3mw-pvr8-9ggc

reference_id

GHSA-q3mw-pvr8-9ggc

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q3mw-pvr8-9ggc

reference_url	https://access.redhat.com/errata/RHSA-2023:5946
reference_id	RHSA-2023:5946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5946

reference_url	https://access.redhat.com/errata/RHSA-2023:7622
reference_id	RHSA-2023:7622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7622

reference_url	https://access.redhat.com/errata/RHSA-2023:7623
reference_id	RHSA-2023:7623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7623

reference_url	https://access.redhat.com/errata/RHSA-2023:7678
reference_id	RHSA-2023:7678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7678

reference_url	https://access.redhat.com/errata/RHSA-2024:0125
reference_id	RHSA-2024:0125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0125

reference_url	https://access.redhat.com/errata/RHSA-2024:0474
reference_id	RHSA-2024:0474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0474

reference_url	https://access.redhat.com/errata/RHSA-2024:1324
reference_id	RHSA-2024:1324
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1324

reference_url	https://access.redhat.com/errata/RHSA-2024:1325
reference_id	RHSA-2024:1325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1325

reference_url	https://access.redhat.com/errata/RHSA-2024:4631
reference_id	RHSA-2024:4631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4631

reference_url	https://usn.ubuntu.com/7106-1/
reference_id	USN-7106-1
reference_type
scores
url	https://usn.ubuntu.com/7106-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.80

purl pkg:maven/org.apache.tomcat/tomcat@9.0.80

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-xuma-qnw9-8bb8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.80

url pkg:maven/org.apache.tomcat/tomcat@10.1.13

purl pkg:maven/org.apache.tomcat/tomcat@10.1.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.13

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11

aliases CVE-2023-41080, GHSA-q3mw-pvr8-9ggc

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyc3-3cnp-wqf3

url VCID-v9zx-5ppt-qfbb

vulnerability_id VCID-v9zx-5ppt-qfbb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7675.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7675.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7675

reference_id

reference_type

scores

value	0.03529
scoring_system	epss
scoring_elements	0.87969
published_at	2026-06-12T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87929
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7675

reference_url

https://bz.apache.org/bugzilla/show_bug.cgi?id=61120

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bz.apache.org/bugzilla/show_bug.cgi?id=61120

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cf181edc9a8c239cde704cffc3c503425bdcae2b

reference_url	https://github.com/apache/tomcat85/commit/dacb030b85fe0e0b3da87469e23d0f31252fdede
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/dacb030b85fe0e0b3da87469e23d0f31252fdede

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cf181edc9a8c239cde704cffc3c503425bdcae2b

reference_url

https://github.com/apache/tomcat/commit/dacb030b85fe0e0b3da87469e23d0f31252fdede

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/dacb030b85fe0e0b3da87469e23d0f31252fdede

reference_url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7675

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7675

reference_url

https://security.netapp.com/advisory/ntap-20180614-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0003

reference_url	https://security.netapp.com/advisory/ntap-20180614-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180614-0003/

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1796090

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1796090

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1796090
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1796090

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1796091
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1796091

reference_url

https://web.archive.org/web/20170929163331/http://www.securityfocus.com/bid/100256

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170929163331/http://www.securityfocus.com/bid/100256

reference_url

http://www.debian.org/security/2017/dsa-3974

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2017/dsa-3974

reference_url	http://www.securityfocus.com/bid/100256
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100256

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1480626
reference_id	1480626
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1480626

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675

reference_id

CVE-2017-7675

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675

reference_url

https://github.com/advisories/GHSA-68g5-8q7f-m384

reference_id

GHSA-68g5-8q7f-m384

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-68g5-8q7f-m384

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M22

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-19jz-k145-3bh6

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M22

aliases CVE-2017-7675, GHSA-68g5-8q7f-m384

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9zx-5ppt-qfbb

url VCID-vvc7-62tw-2bhh

vulnerability_id VCID-vvc7-62tw-2bhh

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5650.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5650.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5650

reference_id

reference_type

scores

value	0.12669
scoring_system	epss
scoring_elements	0.94138
published_at	2026-06-11T12:55:00Z

value	0.12669
scoring_system	epss
scoring_elements	0.94158
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5650

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362

reference_url	https://github.com/apache/tomcat85/commit/2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362

reference_url

https://github.com/apache/tomcat/commit/5496e193a89b8b8b3177e516358df2f07ab852b3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/5496e193a89b8b8b3177e516358df2f07ab852b3

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5650

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5650

reference_url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180614-0001

reference_url	https://security.netapp.com/advisory/ntap-20180614-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180614-0001/

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788460
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788460

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1788480
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1788480

reference_url

https://web.archive.org/web/20170417124144/http://www.securityfocus.com/bid/97531

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170417124144/http://www.securityfocus.com/bid/97531

reference_url

https://web.archive.org/web/20170906032952/http://www.securitytracker.com/id/1038217

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170906032952/http://www.securitytracker.com/id/1038217

reference_url	http://www.securityfocus.com/bid/97531
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97531

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1441230
reference_id	1441230
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1441230

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650

reference_id

CVE-2017-5650

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650

reference_url

https://github.com/advisories/GHSA-9785-w233-x6hv

reference_id

GHSA-9785-w233-x6hv

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9785-w233-x6hv

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M19

aliases CVE-2017-5650, GHSA-9785-w233-x6hv

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vvc7-62tw-2bhh

url VCID-w35j-v3r4-tqhu

vulnerability_id VCID-w35j-v3r4-tqhu

summary

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html

reference_url

https://access.redhat.com/errata/RHSA-2019:3929

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3929

reference_url

https://access.redhat.com/errata/RHSA-2019:3931

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3931

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0199.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0199

reference_id

reference_type

scores

value	0.65581
scoring_system	epss
scoring_elements	0.98519
published_at	2026-06-11T12:55:00Z

value	0.65581
scoring_system	epss
scoring_elements	0.98523
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0199

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E

reference_url	https://github.com/apache/tomcat/commit/60a3af1738879ec06fac1ecb8a149608782f7cc9
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/60a3af1738879ec06fac1ecb8a149608782f7cc9

reference_url	https://github.com/apache/tomcat/commit/a1cb1ac77e3a8fec1b00eb0e944842555da14f7d
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/a1cb1ac77e3a8fec1b00eb0e944842555da14f7d

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6%40%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6%40%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067%40%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067%40%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50%40%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9%40%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9%40%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef%40%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef%40%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e56886e1bac9319ecce81b3612dd7a1a43174a3a741a1c805e16880e@%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e56886e1bac9319ecce81b3612dd7a1a43174a3a741a1c805e16880e@%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e56886e1bac9319ecce81b3612dd7a1a43174a3a741a1c805e16880e%40%3Ccommits.tomee.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e56886e1bac9319ecce81b3612dd7a1a43174a3a741a1c805e16880e%40%3Ccommits.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e87733036e8c84ea648cdcdca3098f3c8a897e2652c33062b2b1535c@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e87733036e8c84ea648cdcdca3098f3c8a897e2652c33062b2b1535c@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e87733036e8c84ea648cdcdca3098f3c8a897e2652c33062b2b1535c%40%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e87733036e8c84ea648cdcdca3098f3c8a897e2652c33062b2b1535c%40%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190419-0001

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190419-0001

reference_url

https://support.f5.com/csp/article/K17321505

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/csp/article/K17321505

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852698
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852698

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852699
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852699

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852700
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852700

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852701
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852701

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852702
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852702

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852703
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852703

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852704
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852704

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852705
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852705

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852706
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852706

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852707
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852707

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852711
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852711

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852712
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852712

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852713
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852713

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852714
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852714

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852715
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852715

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852717
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852717

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852718
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852718

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852719
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852719

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852722
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852722

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852723
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852723

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1852724
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1852724

reference_url

https://web.archive.org/web/20200227030041/http://www.securityfocus.com/bid/107674

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227030041/http://www.securityfocus.com/bid/107674

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1693325
reference_id	1693325
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1693325

reference_url

reference_id

CVE-2019-0199

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0199

reference_id

CVE-2019-0199

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0199

reference_url

https://github.com/advisories/GHSA-qcxh-w3j9-58qr

reference_id

GHSA-qcxh-w3j9-58qr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qcxh-w3j9-58qr

reference_url	https://access.redhat.com/errata/RHSA-2020:2366
reference_id	RHSA-2020:2366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2366

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.16

purl pkg:maven/org.apache.tomcat/tomcat@9.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-yg5s-2fsb-gub2

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.16

aliases CVE-2019-0199, GHSA-qcxh-w3j9-58qr

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w35j-v3r4-tqhu

url VCID-yjb8-hdqu-4fe5

vulnerability_id VCID-yjb8-hdqu-4fe5

summary

references

reference_url

http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21733

reference_id

reference_type

scores

value	0.70951
scoring_system	epss
scoring_elements	0.98731
published_at	2026-06-12T12:55:00Z

value	0.70951
scoring_system	epss
scoring_elements	0.98726
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21733

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a

reference_url

https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_url

https://security.netapp.com/advisory/ntap-20240216-0005

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240216-0005

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/01/19/2

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/01/19/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259204
reference_id	2259204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259204

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733

reference_id

CVE-2024-21733

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-21733

reference_id

CVE-2024-21733

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-21733

reference_url

https://github.com/advisories/GHSA-f4qf-m5gf-8jm8

reference_id

GHSA-f4qf-m5gf-8jm8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f4qf-m5gf-8jm8

reference_url

https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

reference_id

h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:09:11Z/

url

https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

reference_url	https://access.redhat.com/errata/RHSA-2024:2707
reference_id	RHSA-2024:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2707

reference_url	https://access.redhat.com/errata/RHSA-2024:3354
reference_id	RHSA-2024:3354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3354

reference_url	https://usn.ubuntu.com/7562-1/
reference_id	USN-7562-1
reference_type
scores
url	https://usn.ubuntu.com/7562-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@9.0.44

purl pkg:maven/org.apache.tomcat/tomcat@9.0.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bbye-dcrb-t3ev

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-ndb1-hdsw-v7fq

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-x7wn-uamc-6bg5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.44

aliases CVE-2024-21733, GHSA-f4qf-m5gf-8jm8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjb8-hdqu-4fe5

Fixing_vulnerabilities

url VCID-6tzd-v653-9bdq

vulnerability_id VCID-6tzd-v653-9bdq

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6816.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6816.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6816

reference_id

reference_type

scores

value	0.0326
scoring_system	epss
scoring_elements	0.87432
published_at	2026-06-11T12:55:00Z

value	0.0326
scoring_system	epss
scoring_elements	0.87476
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tomcat70/commit/cdc0a935c2173aff60039a0b85e57a461381107c
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/cdc0a935c2173aff60039a0b85e57a461381107c

reference_url

https://github.com/apache/tomcat80/commit/779d5d34e68e50d2f721897050b147106992f566

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/779d5d34e68e50d2f721897050b147106992f566

reference_url	https://github.com/apache/tomcat85/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256

reference_url

https://github.com/apache/tomcat/commit/516bda676ac8d0284da3e0295a7df70391315360

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/516bda676ac8d0284da3e0295a7df70391315360

reference_url

https://github.com/apache/tomcat/commit/cdc0a935c2173aff60039a0b85e57a461381107c

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cdc0a935c2173aff60039a0b85e57a461381107c

reference_url

https://github.com/apache/tomcat/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f96f5751d418ae5a2f550be040daf9c5f7d99256

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1767641

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1767641

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1767645

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1767645

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1767653

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1767653

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1767675

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1767675

reference_url

https://svn.apache.org/viewvc?view=revision&revision=1767683

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://svn.apache.org/viewvc?view=revision&revision=1767683

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767641
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767641

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767645
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767645

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767653
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767653

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767675
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767675

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767683
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767683

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20161204121236/http://www.securityfocus.com/bid/94461

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20161204121236/http://www.securityfocus.com/bid/94461

reference_url

https://web.archive.org/web/20170929085438/http://www.securitytracker.com/id/1037332

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170929085438/http://www.securitytracker.com/id/1037332

reference_url

https://www.exploit-db.com/exploits/41783

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/41783

reference_url

http://www.securitytracker.com/id/1037332

reference_id

1037332

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://www.securitytracker.com/id/1037332

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1397484
reference_id	1397484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1397484

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_id

37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_id

388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_id

39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_id

3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_url

https://www.exploit-db.com/exploits/41783/

reference_id

41783

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://www.exploit-db.com/exploits/41783/

reference_url

reference_id

4557-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

reference_id

6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_id

845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.securityfocus.com/bid/94461

reference_id

94461

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://www.securityfocus.com/bid/94461

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_id

b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_id

b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_id

cpuoct2017-3236626.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816

reference_id

CVE-2016-6816

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41783.txt
reference_id	CVE-2016-6816
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41783.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-6816

reference_id

CVE-2016-6816

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-6816

reference_url

reference_id

dsa-3738

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://github.com/advisories/GHSA-jc7p-5r39-9477

reference_url

reference_id

GHSA-jc7p-5r39-9477

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jc7p-5r39-9477

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001/

reference_id

ntap-20180607-0001

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://security.netapp.com/advisory/ntap-20180607-0001/

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_id

r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_id

r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_id

r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_url	https://access.redhat.com/errata/RHSA-2017:0244
reference_id	RHSA-2017:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0244

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0244.html

reference_id

RHSA-2017-0244.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0244.html

reference_url	https://access.redhat.com/errata/RHSA-2017:0245
reference_id	RHSA-2017:0245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0245

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0245.html

reference_id

RHSA-2017-0245.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0245.html

reference_url	https://access.redhat.com/errata/RHSA-2017:0246
reference_id	RHSA-2017:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0246

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0246.html

reference_id

RHSA-2017-0246.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0246.html

reference_url	https://access.redhat.com/errata/RHSA-2017:0247
reference_id	RHSA-2017:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0247

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0247.html

reference_id

RHSA-2017-0247.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0247.html

reference_url	https://access.redhat.com/errata/RHSA-2017:0250
reference_id	RHSA-2017:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0250

reference_url

http://rhn.redhat.com/errata/RHSA-2017-0250.html

reference_id

RHSA-2017-0250.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

http://rhn.redhat.com/errata/RHSA-2017-0250.html

reference_url

reference_id

RHSA-2017:0455

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

reference_url

reference_id

RHSA-2017:0456

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2017:0457
reference_id	RHSA-2017:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0457

reference_url

reference_id

RHSA-2017-0457.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2017:0527
reference_id	RHSA-2017:0527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0527

reference_url

reference_id

RHSA-2017-0527.html

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

reference_url

reference_id

RHSA-2017:0935

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48

reference_url

reference_id

security-6.html#Fixed_in_Apache_Tomcat_6.0.48

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48

reference_url

https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73

reference_id

security-7.html#Fixed_in_Apache_Tomcat_7.0.73

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73

reference_url

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39

reference_id

security-8.html#Fixed_in_Apache_Tomcat_8.0.39

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39

reference_url

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8

reference_id

security-8.html#Fixed_in_Apache_Tomcat_8.5.8

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13

reference_id

security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-12T21:25:30Z/

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13

reference_url	https://usn.ubuntu.com/3177-1/
reference_id	USN-3177-1
reference_type
scores
url	https://usn.ubuntu.com/3177-1/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@6.0.48

purl pkg:maven/org.apache.tomcat/tomcat@6.0.48

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hp9-mbcu-2bdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.48

url pkg:maven/org.apache.tomcat/tomcat@7.0.73

purl pkg:maven/org.apache.tomcat/tomcat@7.0.73

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-yg5s-2fsb-gub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.73

url pkg:maven/org.apache.tomcat/tomcat@8.0.39

purl pkg:maven/org.apache.tomcat/tomcat@8.0.39

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-yg5s-2fsb-gub2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.39

url pkg:maven/org.apache.tomcat/tomcat@8.5.8

purl pkg:maven/org.apache.tomcat/tomcat@8.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-3nvd-d9qm-13ew

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-ht8m-9gxn-mkaa

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.8

url	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3nvd-d9qm-13ew

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

aliases CVE-2016-6816, GHSA-jc7p-5r39-9477

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6tzd-v653-9bdq

url VCID-mr66-8myw-1bc9

vulnerability_id VCID-mr66-8myw-1bc9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6817.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6817

reference_id

reference_type

scores

value	0.00759
scoring_system	epss
scoring_elements	0.73843
published_at	2026-06-12T12:55:00Z

value	0.00759
scoring_system	epss
scoring_elements	0.73768
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6817

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/079372fc7bac8e2e378942715c9ce26a4a72c07a

reference_url	https://github.com/apache/tomcat85/commit/85c63227edabbfb4f2f500fc557480a190135d21
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/85c63227edabbfb4f2f500fc557480a190135d21

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/079372fc7bac8e2e378942715c9ce26a4a72c07a

reference_url

https://github.com/apache/tomcat/commit/85c63227edabbfb4f2f500fc557480a190135d21

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/85c63227edabbfb4f2f500fc557480a190135d21

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a@%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a@%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-6817

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-6817

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1765794
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1765794

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1765798
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1765798

reference_url

https://web.archive.org/web/20180115024458/http://www.securitytracker.com/id/1037330

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20180115024458/http://www.securitytracker.com/id/1037330

reference_url

https://web.archive.org/web/20200227174145/http://www.securityfocus.com/bid/94462

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227174145/http://www.securityfocus.com/bid/94462

reference_url

http://www.securitytracker.com/id/1037330

reference_id

1037330

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

http://www.securitytracker.com/id/1037330

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1397474
reference_id	1397474
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1397474

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_id

6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.securityfocus.com/bid/94462

reference_id

94462

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

http://www.securityfocus.com/bid/94462

reference_url

https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a%40%3Cannounce.tomcat.apache.org%3E

reference_id

a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a%40%3Cannounce.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817

reference_id

CVE-2016-6817

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817

reference_url

https://github.com/advisories/GHSA-698c-2x4j-g9gq

reference_id

GHSA-698c-2x4j-g9gq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-698c-2x4j-g9gq

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001/

reference_id

ntap-20180607-0001

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:17Z/

url

https://security.netapp.com/advisory/ntap-20180607-0001/

fixed_packages

url pkg:maven/org.apache.tomcat/tomcat@8.5.8

purl pkg:maven/org.apache.tomcat/tomcat@8.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-3nvd-d9qm-13ew

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-ht8m-9gxn-mkaa

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.8

url	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
purl	pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M12

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3nvd-d9qm-13ew

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-yjb8-hdqu-4fe5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M13

aliases CVE-2016-6817, GHSA-698c-2x4j-g9gq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mr66-8myw-1bc9

url VCID-znw1-bajd-7yfp

vulnerability_id VCID-znw1-bajd-7yfp

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8735.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8735.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8735

reference_id

reference_type

scores

value	0.93802
scoring_system	epss
scoring_elements	0.99869
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/0f76016a4ec45635e450ada9c84ff7ee0c5f3799

reference_url	https://github.com/apache/tomcat70/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821
reference_id
reference_type
scores
url	https://github.com/apache/tomcat70/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat80/commit/0f76016a4ec45635e450ada9c84ff7ee0c5f3799

reference_url	https://github.com/apache/tomcat85/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688
reference_id
reference_type
scores
url	https://github.com/apache/tomcat85/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688

reference_url

https://github.com/apache/tomcat/commit/0e83ad3e547fc9a75a258799ef581249b40a82a6

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0e83ad3e547fc9a75a258799ef581249b40a82a6

reference_url

https://github.com/apache/tomcat/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/292d6ccdc9edbf80859929b0af070b2ea99fa688

reference_url

https://github.com/apache/tomcat/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/7e3a037055cca4a17e90b49399fb1bab4dd7c821

reference_url

https://github.com/search?q=repo%3Aapache%2Ftomcat+catalina.mbeans+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/search?q=repo%3Aapache%2Ftomcat+catalina.mbeans+path%3A%2F%5Eres%5C%2Fbnd%5C%2F%2F&type=code

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180607-0001

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767644
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767644

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767646
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767646

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767656
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767656

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767676
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767676

reference_url	https://svn.apache.org/viewvc?view=rev&rev=1767684
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=rev&rev=1767684

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170423095340/http://www.securityfocus.com/bid/94463

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170423095340/http://www.securityfocus.com/bid/94463

reference_url

https://web.archive.org/web/20170928203901/http://www.securitytracker.com/id/1037331

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20170928203901/http://www.securitytracker.com/id/1037331

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-8735

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-8735

reference_url

http://www.securitytracker.com/id/1037331

reference_id

1037331

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://www.securitytracker.com/id/1037331

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1397485
reference_id	1397485
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1397485

reference_url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_id

343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_id

37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_id

388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_id

39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_id

3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

reference_url

reference_id

4557-1

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://seclists.org/oss-sec/2016/q4/502

reference_url

reference_id

502

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://seclists.org/oss-sec/2016/q4/502

reference_url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_id

6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_id

845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_id

88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

reference_url

http://www.securityfocus.com/bid/94463

reference_id

94463

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://www.securityfocus.com/bid/94463

reference_url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_id

b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_id

b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_id

b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

cpuapr2019-5072813.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

reference_id

cpujan2018-3236628.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

cpujul2018-4258247.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

cpujul2019-5072835.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_id

cpuoct2017-3236626.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735

reference_id

CVE-2016-8735

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-8735

reference_id

CVE-2016-8735

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-8735

reference_url

reference_id

dsa-3738

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://github.com/advisories/GHSA-cw54-59pw-4g8c

reference_url

reference_id

GHSA-cw54-59pw-4g8c

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cw54-59pw-4g8c

reference_url

https://security.netapp.com/advisory/ntap-20180607-0001/

reference_id

ntap-20180607-0001

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://security.netapp.com/advisory/ntap-20180607-0001/

reference_url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_id

r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_id

r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_id

r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

reference_url

reference_id

RHSA-2017:0455

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

reference_url

reference_id

RHSA-2017:0456

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2017:0457
reference_id	RHSA-2017:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0457

reference_url

reference_id

RHSA-2017-0457.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://tomcat.apache.org/security-6.html

reference_url

reference_id

security-6.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://tomcat.apache.org/security-6.html

reference_url

http://tomcat.apache.org/security-7.html

reference_id

security-7.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

http://tomcat.apache.org/security-7.html

reference_url

reference_id

security-8.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url

reference_url

reference_id

security-9.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T18:48:04Z/

url