Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tomcat/tomcat@8.5.50
Typemaven
Namespaceorg.apache.tomcat
Nametomcat
Version8.5.50
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.0.0.M12
Latest_non_vulnerable_version11.0.22
Affected_by_vulnerabilities
0
url VCID-2hmq-5245-jyaf
vulnerability_id VCID-2hmq-5245-jyaf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34305
reference_id
reference_type
scores
0
value 0.17371
scoring_system epss
scoring_elements 0.95209
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34305
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80
4
reference_url https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7
5
reference_url https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac
6
reference_url https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c
7
reference_url https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
8
reference_url https://security.netapp.com/advisory/ntap-20220729-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220729-0006
9
reference_url https://security.netapp.com/advisory/ntap-20220729-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220729-0006/
10
reference_url http://www.openwall.com/lists/oss-security/2022/06/23/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/23/1
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102817
reference_id 2102817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102817
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305
reference_id CVE-2022-34305
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34305
reference_id CVE-2022-34305
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-34305
14
reference_url https://github.com/advisories/GHSA-6j88-6whg-x687
reference_id GHSA-6j88-6whg-x687
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j88-6whg-x687
15
reference_url https://security.gentoo.org/glsa/202208-34
reference_id GLSA-202208-34
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.82
purl pkg:maven/org.apache.tomcat/tomcat@8.5.82
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-qxfb-yg6b-nfda
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-uyc3-3cnp-wqf3
16
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.82
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.65
purl pkg:maven/org.apache.tomcat/tomcat@9.0.65
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-63vc-sc11-8kf1
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-uyc3-3cnp-wqf3
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
19
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.65
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.22
purl pkg:maven/org.apache.tomcat/tomcat@10.0.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.22
3
url pkg:maven/org.apache.tomcat/tomcat@10.0.23
purl pkg:maven/org.apache.tomcat/tomcat@10.0.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kn9-yxww-ryh4
1
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.23
4
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bbye-dcrb-t3ev
8
vulnerability VCID-bwh8-tmf1-8uac
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-uyc3-3cnp-wqf3
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M17
aliases CVE-2022-34305, GHSA-6j88-6whg-x687
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hmq-5245-jyaf
1
url VCID-2n2k-sh22-fkfw
vulnerability_id VCID-2n2k-sh22-fkfw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41284
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21313
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41284
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c
4
reference_url https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c
5
reference_url https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41284
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41284
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/12
11
reference_url https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
reference_id 2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:57:41Z/
url https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284
reference_id CVE-2026-41284
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41284
13
reference_url https://github.com/advisories/GHSA-gx5v-xp9w-j4cg
reference_id GHSA-gx5v-xp9w-j4cg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx5v-xp9w-j4cg
14
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-41284, GHSA-gx5v-xp9w-j4cg
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n2k-sh22-fkfw
2
url VCID-3kn9-yxww-ryh4
vulnerability_id VCID-3kn9-yxww-ryh4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52751
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42252
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920
5
reference_url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
6
reference_url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a
7
reference_url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url https://security.gentoo.org/glsa/202305-37
reference_id 202305-37
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://security.gentoo.org/glsa/202305-37
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
reference_id 2141329
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141329
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
reference_id CVE-2022-42252
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
reference_id CVE-2022-42252
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42252
15
reference_url https://github.com/advisories/GHSA-p22x-g9px-3945
reference_id GHSA-p22x-g9px-3945
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p22x-g9px-3945
16
reference_url https://access.redhat.com/errata/RHSA-2023:1663
reference_id RHSA-2023:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1663
17
reference_url https://access.redhat.com/errata/RHSA-2023:1664
reference_id RHSA-2023:1664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1664
18
reference_url https://usn.ubuntu.com/6880-1/
reference_id USN-6880-1
reference_type
scores
url https://usn.ubuntu.com/6880-1/
19
reference_url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
reference_id zzcxzvqfdqn515zfs3dxb7n8gty589sq
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/
url https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.83
purl pkg:maven/org.apache.tomcat/tomcat@8.5.83
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-qxfb-yg6b-nfda
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
14
vulnerability VCID-uyc3-3cnp-wqf3
15
vulnerability VCID-v5zf-qfdq-kbbp
16
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.83
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.68
purl pkg:maven/org.apache.tomcat/tomcat@9.0.68
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-ngy5-k9cv-rkbn
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-uyc3-3cnp-wqf3
16
vulnerability VCID-v5zf-qfdq-kbbp
17
vulnerability VCID-vnfg-9em7-u7ee
18
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.68
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.27
purl pkg:maven/org.apache.tomcat/tomcat@10.0.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.27
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-uyc3-3cnp-wqf3
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
19
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2022-42252, GHSA-p22x-g9px-3945
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kn9-yxww-ryh4
3
url VCID-697g-gcg9-zyaa
vulnerability_id VCID-697g-gcg9-zyaa
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41293.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41293
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22276
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41293
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148
5
reference_url https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd
6
reference_url https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b
7
reference_url https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df
8
reference_url https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa
9
reference_url https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab
10
reference_url https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3
11
reference_url https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac
12
reference_url https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7
13
reference_url https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41293
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41293
15
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
16
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
17
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
18
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/13
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476513
reference_id 2476513
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476513
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293
reference_id CVE-2026-41293
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41293
21
reference_url https://github.com/advisories/GHSA-r29c-68gh-xp6x
reference_id GHSA-r29c-68gh-xp6x
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r29c-68gh-xp6x
22
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-41293, GHSA-r29c-68gh-xp6x
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-697g-gcg9-zyaa
4
url VCID-6wqu-jupw-tyhu
vulnerability_id VCID-6wqu-jupw-tyhu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51126
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55752
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06
5
reference_url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df
6
reference_url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a
7
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45
8
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11
9
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109
10
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/4
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
reference_id 2406591
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406591
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
reference_id CVE-2025-55752
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55752
14
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
reference_id CVE-2025-55752-DETECT-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
reference_id CVE-2025-55752-MITIGATE-APACHE-TOMCAT-VULNERABILITY
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
16
reference_url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
reference_id GHSA-wmwf-9ccg-fff5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wmwf-9ccg-fff5
17
reference_url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
reference_id n05kjcwyj1s45ovs8ll1qrrojhfb1tog
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-28T03:56:06Z/
url https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog
18
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
19
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
20
reference_url https://access.redhat.com/errata/RHSA-2025:22924
reference_id RHSA-2025:22924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22924
21
reference_url https://access.redhat.com/errata/RHSA-2025:22925
reference_id RHSA-2025:22925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22925
22
reference_url https://access.redhat.com/errata/RHSA-2025:23044
reference_id RHSA-2025:23044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23044
23
reference_url https://access.redhat.com/errata/RHSA-2025:23045
reference_id RHSA-2025:23045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23045
24
reference_url https://access.redhat.com/errata/RHSA-2025:23046
reference_id RHSA-2025:23046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23046
25
reference_url https://access.redhat.com/errata/RHSA-2025:23047
reference_id RHSA-2025:23047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23047
26
reference_url https://access.redhat.com/errata/RHSA-2025:23048
reference_id RHSA-2025:23048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23048
27
reference_url https://access.redhat.com/errata/RHSA-2025:23049
reference_id RHSA-2025:23049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23049
28
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
29
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
30
reference_url https://access.redhat.com/errata/RHSA-2025:23052
reference_id RHSA-2025:23052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23052
31
reference_url https://access.redhat.com/errata/RHSA-2025:23053
reference_id RHSA-2025:23053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23053
32
reference_url https://access.redhat.com/errata/RHSA-2025:23225
reference_id RHSA-2025:23225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23225
33
reference_url https://access.redhat.com/errata/RHSA-2026:0292
reference_id RHSA-2026:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0292
34
reference_url https://access.redhat.com/errata/RHSA-2026:0293
reference_id RHSA-2026:0293
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0293
35
reference_url https://access.redhat.com/errata/RHSA-2026:2724
reference_id RHSA-2026:2724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2724
36
reference_url https://access.redhat.com/errata/RHSA-2026:2725
reference_id RHSA-2026:2725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2725
37
reference_url https://access.redhat.com/errata/RHSA-2026:2726
reference_id RHSA-2026:2726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2726
38
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
39
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.109
purl pkg:maven/org.apache.tomcat/tomcat@9.0.109
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.109
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.45
purl pkg:maven/org.apache.tomcat/tomcat@10.1.45
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dj7q-4map-ebg4
7
vulnerability VCID-hv33-kv9q-gugf
8
vulnerability VCID-hvgr-azs4-qqac
9
vulnerability VCID-keh1-ycs9-ybdd
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
14
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.45
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-n4qq-m1x3-qkbz
12
vulnerability VCID-nctp-shgj-sfgh
13
vulnerability VCID-s2kf-jwgc-pfas
14
vulnerability VCID-t8tc-zb3w-57gv
15
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.11
aliases CVE-2025-55752, GHSA-wmwf-9ccg-fff5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wqu-jupw-tyhu
5
url VCID-7wr9-uez1-8bdg
vulnerability_id VCID-7wr9-uez1-8bdg
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25854.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10241
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25854
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4c5d306001b780c9316aea5ff6502c524fb20695
5
reference_url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
6
reference_url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c5a45ae68d07f7a07be2a875e5b6772d66c4e5d0
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25854
8
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/21
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
reference_id 2457039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457039
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
reference_id CVE-2026-25854
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25854
13
reference_url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
reference_id ghct3b6o74bp2vm7q875s1zh0dqrz3h0
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:21:57Z/
url https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
14
reference_url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
reference_id GHSA-9m3c-qcxr-9x87
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9m3c-qcxr-9x87
15
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
16
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2026-25854, GHSA-9m3c-qcxr-9x87
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wr9-uez1-8bdg
6
url VCID-824z-m36f-87ea
vulnerability_id VCID-824z-m36f-87ea
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
reference_id
reference_type
scores
0
value 0.01382
scoring_system epss
scoring_elements 0.80716
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1935
2
reference_url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d
3
reference_url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
4
reference_url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
5
reference_url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E
14
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
15
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
16
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
17
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
reference_id 1806835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806835
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
reference_id CVE-2020-1935
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1935
21
reference_url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
reference_id GHSA-qxf4-chvg-4r8r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qxf4-chvg-4r8r
22
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
23
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
24
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
25
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
26
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
27
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
28
reference_url https://access.redhat.com/errata/RHSA-2020:5020
reference_id RHSA-2020:5020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5020
29
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
30
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
31
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-qxfb-yg6b-nfda
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-r9fd-ndvw-ekfa
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-vnfg-9em7-u7ee
27
vulnerability VCID-yg5s-2fsb-gub2
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2020-1935, GHSA-qxf4-chvg-4r8r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-824z-m36f-87ea
7
url VCID-97et-ubnp-wqcy
vulnerability_id VCID-97et-ubnp-wqcy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43512.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43512
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33696
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43512
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448
4
reference_url https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9
5
reference_url https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43512
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43512
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/8
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476511
reference_id 2476511
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476511
12
reference_url https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73
reference_id 7x09x7o12solvclslw3sz0288xc8wx73
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:38:42Z/
url https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512
reference_id CVE-2026-43512
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43512
14
reference_url https://github.com/advisories/GHSA-h6fc-48rj-7qqh
reference_id GHSA-h6fc-48rj-7qqh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h6fc-48rj-7qqh
15
reference_url https://access.redhat.com/errata/RHSA-2026:13745
reference_id RHSA-2026:13745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13745
16
reference_url https://access.redhat.com/errata/RHSA-2026:16528
reference_id RHSA-2026:16528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16528
17
reference_url https://access.redhat.com/errata/RHSA-2026:25123
reference_id RHSA-2026:25123
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25123
18
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
19
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43512, GHSA-h6fc-48rj-7qqh
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97et-ubnp-wqcy
8
url VCID-9xyf-k9wq-g7b9
vulnerability_id VCID-9xyf-k9wq-g7b9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42498
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15929
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42498
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423
4
reference_url https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5
5
reference_url https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42498
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42498
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/14
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/14
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498
reference_id CVE-2026-42498
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42498
12
reference_url https://github.com/advisories/GHSA-fv25-8xcx-gqjc
reference_id GHSA-fv25-8xcx-gqjc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fv25-8xcx-gqjc
13
reference_url https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb
reference_id n61zwf75jrv09rz90j4jssncm244bwdb
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:58:45Z/
url https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb
14
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-42498, GHSA-fv25-8xcx-gqjc
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9xyf-k9wq-g7b9
9
url VCID-bv5e-eycn-n7e2
vulnerability_id VCID-bv5e-eycn-n7e2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17569
reference_id
reference_type
scores
0
value 0.06163
scoring_system epss
scoring_elements 0.91024
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17569
2
reference_url https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998
3
reference_url https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3
4
reference_url https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8
5
reference_url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E
8
reference_url https://security.netapp.com/advisory/ntap-20200327-0005
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0005
9
reference_url https://security.netapp.com/advisory/ntap-20200327-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200327-0005/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806849
reference_id 1806849
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806849
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569
reference_id CVE-2019-17569
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17569
reference_id CVE-2019-17569
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17569
13
reference_url https://github.com/advisories/GHSA-767j-jfh2-jvrc
reference_id GHSA-767j-jfh2-jvrc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-767j-jfh2-jvrc
14
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
15
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-qxfb-yg6b-nfda
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-r9fd-ndvw-ekfa
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-vnfg-9em7-u7ee
27
vulnerability VCID-yg5s-2fsb-gub2
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2019-17569, GHSA-767j-jfh2-jvrc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv5e-eycn-n7e2
10
url VCID-dhxd-kknv-9qb7
vulnerability_id VCID-dhxd-kknv-9qb7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29146.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
reference_id
reference_type
scores
0
value 0.12919
scoring_system epss
scoring_elements 0.94218
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29146
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0112ed22abfccc3d54e44d91eb08804d0886acd1
5
reference_url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1fab40ccc752e22639eccfe290d5624afad7eccd
6
reference_url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/55f3eb9148233054fccfdf761141c6894a050be1
7
reference_url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
8
reference_url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d955cceca841f2eabf2d6c46b59a8c7e1cd6eaa
9
reference_url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/776e12b3e2b0b4507b8a3b62c187ceb0b74bf418
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29146
11
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
12
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
13
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
14
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-29146
15
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/24
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
reference_id 2457020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457020
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
reference_id CVE-2026-29146
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29146
20
reference_url https://github.com/advisories/GHSA-h468-7pvh-8vr8
reference_id GHSA-h468-7pvh-8vr8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h468-7pvh-8vr8
21
reference_url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
reference_id lzt04z2pb3dc5tk85obn80xygw3z1p0w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:17:02Z/
url https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1
purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fr1-b1h1-zqcz
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-395x-2jej-4ubj
3
vulnerability VCID-3977-sdws-euh4
4
vulnerability VCID-4c8y-tn9d-v3d5
5
vulnerability VCID-4md2-vchu-3bgx
6
vulnerability VCID-4tdx-52h3-bkfj
7
vulnerability VCID-5hp9-mbcu-2bdt
8
vulnerability VCID-5nu4-5ude-4yhc
9
vulnerability VCID-64zy-xgrf-eba1
10
vulnerability VCID-65td-2enz-63hf
11
vulnerability VCID-697g-gcg9-zyaa
12
vulnerability VCID-6tzd-v653-9bdq
13
vulnerability VCID-6wqu-jupw-tyhu
14
vulnerability VCID-7wr9-uez1-8bdg
15
vulnerability VCID-824z-m36f-87ea
16
vulnerability VCID-8zsm-8skx-dfha
17
vulnerability VCID-97et-ubnp-wqcy
18
vulnerability VCID-9gs9-4vzf-uqbu
19
vulnerability VCID-9xyf-k9wq-g7b9
20
vulnerability VCID-a463-td75-3bhf
21
vulnerability VCID-a7e6-gxvv-pub9
22
vulnerability VCID-b25a-4gka-5yhr
23
vulnerability VCID-d1px-uadx-vqdx
24
vulnerability VCID-d4m6-nran-5ydj
25
vulnerability VCID-dj7q-4map-ebg4
26
vulnerability VCID-euv9-huaz-y3d1
27
vulnerability VCID-evws-hrsq-ybfw
28
vulnerability VCID-ftu2-phtp-bqad
29
vulnerability VCID-fwgq-vmfm-j7bh
30
vulnerability VCID-fy3t-qn64-bkhn
31
vulnerability VCID-gecz-htub-27gx
32
vulnerability VCID-hv33-kv9q-gugf
33
vulnerability VCID-k11z-qhvd-9ugj
34
vulnerability VCID-keh1-ycs9-ybdd
35
vulnerability VCID-kehq-gcjx-17e4
36
vulnerability VCID-m3py-3ba2-jkg7
37
vulnerability VCID-m7b3-kxzn-t7hj
38
vulnerability VCID-mdsb-pema-d3ds
39
vulnerability VCID-mr66-8myw-1bc9
40
vulnerability VCID-n5t6-xtd3-hfa7
41
vulnerability VCID-ngy5-k9cv-rkbn
42
vulnerability VCID-nstu-jfc5-3kgd
43
vulnerability VCID-nz4k-nfug-tufw
44
vulnerability VCID-p4j1-xp15-t3b8
45
vulnerability VCID-p65m-6crd-bufr
46
vulnerability VCID-q1pv-h34q-7ufy
47
vulnerability VCID-q4zv-r7va-nfc3
48
vulnerability VCID-qvgx-r4rr-xugp
49
vulnerability VCID-qxbw-zvw5-ckdp
50
vulnerability VCID-qxfb-yg6b-nfda
51
vulnerability VCID-rfbc-9e8h-gfhr
52
vulnerability VCID-rwqs-mabh-17c9
53
vulnerability VCID-rxdf-fjd8-6yhk
54
vulnerability VCID-s2kf-jwgc-pfas
55
vulnerability VCID-s4fd-atmc-qkcz
56
vulnerability VCID-swxs-3ua6-3yfn
57
vulnerability VCID-t5hs-wb5y-tfgw
58
vulnerability VCID-t7xw-r7rz-u3g5
59
vulnerability VCID-t8tc-zb3w-57gv
60
vulnerability VCID-uqgg-5gr8-sfgg
61
vulnerability VCID-urhx-sw6q-cqce
62
vulnerability VCID-uyc3-3cnp-wqf3
63
vulnerability VCID-v9zx-5ppt-qfbb
64
vulnerability VCID-vfh6-rc99-e3bf
65
vulnerability VCID-vvc7-62tw-2bhh
66
vulnerability VCID-vwn1-fgjk-p7bz
67
vulnerability VCID-vz4c-rt19-pbaf
68
vulnerability VCID-w35j-v3r4-tqhu
69
vulnerability VCID-wgfy-cxth-fkas
70
vulnerability VCID-wu55-n9ff-sbbf
71
vulnerability VCID-x57v-g2md-7bbq
72
vulnerability VCID-xjen-b9ss-33by
73
vulnerability VCID-xvbv-9ztw-mfcn
74
vulnerability VCID-yjb8-hdqu-4fe5
75
vulnerability VCID-yqd8-3j9e-cken
76
vulnerability VCID-zgcn-hta4-xfb2
77
vulnerability VCID-znw1-bajd-7yfp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.117
purl pkg:maven/org.apache.tomcat/tomcat@9.0.117
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.117
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
4
url pkg:maven/org.apache.tomcat/tomcat@10.1.54
purl pkg:maven/org.apache.tomcat/tomcat@10.1.54
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.54
5
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
6
url pkg:maven/org.apache.tomcat/tomcat@11.0.21
purl pkg:maven/org.apache.tomcat/tomcat@11.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dj7q-4map-ebg4
5
vulnerability VCID-hv33-kv9q-gugf
6
vulnerability VCID-s2kf-jwgc-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.21
aliases CVE-2026-29146, GHSA-h468-7pvh-8vr8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhxd-kknv-9qb7
11
url VCID-dj7q-4map-ebg4
vulnerability_id VCID-dj7q-4map-ebg4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43515
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26417
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43515
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0659748659ec75253fea5aac72cab6f94e79c419
4
reference_url https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36
5
reference_url https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9
6
reference_url https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43515
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43515
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/11
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/11
12
reference_url https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb
reference_id 746nxfxod0wsocxtmv8pb8nkgmwpc6bb
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:33:57Z/
url https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515
reference_id CVE-2026-43515
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43515
14
reference_url https://github.com/advisories/GHSA-5m62-pw8w-7w9f
reference_id GHSA-5m62-pw8w-7w9f
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5m62-pw8w-7w9f
15
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
16
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43515, GHSA-5m62-pw8w-7w9f
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dj7q-4map-ebg4
12
url VCID-dx14-ejnx-37ad
vulnerability_id VCID-dx14-ejnx-37ad
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29885
reference_id
reference_type
scores
0
value 0.55532
scoring_system epss
scoring_elements 0.98121
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29885
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d
5
reference_url https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91
6
reference_url https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890
7
reference_url https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48
8
reference_url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv
9
reference_url https://security.netapp.com/advisory/ntap-20220629-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220629-0002
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2093014
reference_id 2093014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2093014
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885
reference_id CVE-2022-29885
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py
reference_id CVE-2022-29885
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
reference_id CVE-2022-29885
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29885
14
reference_url https://github.com/advisories/GHSA-r84p-88g2-2vx2
reference_id GHSA-r84p-88g2-2vx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r84p-88g2-2vx2
15
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.79
purl pkg:maven/org.apache.tomcat/tomcat@8.5.79
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-qxfb-yg6b-nfda
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-uyc3-3cnp-wqf3
17
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.79
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.63
purl pkg:maven/org.apache.tomcat/tomcat@9.0.63
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-uyc3-3cnp-wqf3
18
vulnerability VCID-v5zf-qfdq-kbbp
19
vulnerability VCID-vnfg-9em7-u7ee
20
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.63
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.21
purl pkg:maven/org.apache.tomcat/tomcat@10.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.21
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bbye-dcrb-t3ev
8
vulnerability VCID-bwh8-tmf1-8uac
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-uyc3-3cnp-wqf3
18
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M15
4
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-uyc3-3cnp-wqf3
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
19
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2022-29885, GHSA-r84p-88g2-2vx2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dx14-ejnx-37ad
13
url VCID-euv9-huaz-y3d1
vulnerability_id VCID-euv9-huaz-y3d1
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
reference_id
reference_type
scores
0
value 0.2338
scoring_system epss
scoring_elements 0.96081
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13934
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399
7
reference_url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
8
reference_url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25
9
reference_url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
12
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
13
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
14
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
reference_id 1857040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857040
16
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
reference_id CVE-2020-13934
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13934
19
reference_url https://github.com/advisories/GHSA-vf77-8h7g-gghp
reference_id GHSA-vf77-8h7g-gghp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf77-8h7g-gghp
20
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
21
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
22
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
23
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
24
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.56
purl pkg:maven/org.apache.tomcat/tomcat@8.5.56
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-m3py-3ba2-jkg7
15
vulnerability VCID-nj9t-gdm3-6ycn
16
vulnerability VCID-p65m-6crd-bufr
17
vulnerability VCID-qvgx-r4rr-xugp
18
vulnerability VCID-qxfb-yg6b-nfda
19
vulnerability VCID-r9fd-ndvw-ekfa
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.56
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.57
purl pkg:maven/org.apache.tomcat/tomcat@8.5.57
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-m3py-3ba2-jkg7
14
vulnerability VCID-nj9t-gdm3-6ycn
15
vulnerability VCID-nstu-jfc5-3kgd
16
vulnerability VCID-qvgx-r4rr-xugp
17
vulnerability VCID-qxfb-yg6b-nfda
18
vulnerability VCID-r9fd-ndvw-ekfa
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-tvrz-n2kd-pba4
22
vulnerability VCID-uyc3-3cnp-wqf3
23
vulnerability VCID-v5zf-qfdq-kbbp
24
vulnerability VCID-vfh6-rc99-e3bf
25
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.57
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.36
purl pkg:maven/org.apache.tomcat/tomcat@9.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-nj9t-gdm3-6ycn
16
vulnerability VCID-p65m-6crd-bufr
17
vulnerability VCID-qvgx-r4rr-xugp
18
vulnerability VCID-r9fd-ndvw-ekfa
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-tvrz-n2kd-pba4
22
vulnerability VCID-uyc3-3cnp-wqf3
23
vulnerability VCID-v5zf-qfdq-kbbp
24
vulnerability VCID-vfh6-rc99-e3bf
25
vulnerability VCID-vnfg-9em7-u7ee
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.37
purl pkg:maven/org.apache.tomcat/tomcat@9.0.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-nj9t-gdm3-6ycn
15
vulnerability VCID-nstu-jfc5-3kgd
16
vulnerability VCID-qvgx-r4rr-xugp
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37
4
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-p65m-6crd-bufr
2
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
5
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nstu-jfc5-3kgd
1
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
aliases CVE-2020-13934, GHSA-vf77-8h7g-gghp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euv9-huaz-y3d1
14
url VCID-gecz-htub-27gx
vulnerability_id VCID-gecz-htub-27gx
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00064.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00072.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
reference_id
reference_type
scores
0
value 0.45121
scoring_system epss
scoring_elements 0.97677
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11996
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509
7
reference_url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976
8
reference_url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552
9
reference_url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a4f80a6acc6607d61dae424b643b594c6188dd4e1eff04705c10db2@%3Cnotifications.ofbiz.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6c29801370a36c1a5159679269777ad0c73276d3015b8bbefea66e5c@%3Cnotifications.ofbiz.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74f5a8204efe574cbfcd95b2a16236fe95beb45c4d9fee3dc789dca9@%3Ccommits.ofbiz.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f3d416c193bc9384a8a7dd368623d441f5fcaff1057115008100561@%3Ccommits.ofbiz.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r93ca628ef3a4530dfe5ac49fddc795f0920a4b2a408b57a30926a42b@%3Ccommits.ofbiz.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9ad911fe49450ed9405827af0e7a74104041081ff91864b1f2546bbd@%3Cnotifications.ofbiz.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4ee49ecc4c59620ffd5e66e84a17e526c2c3cfa95d0cd682d90d338@%3Cnotifications.ofbiz.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb820f1a2a02bf07414be12c653c2ab5321fd87b9bf6c5e635c53ff4b@%3Cnotifications.ofbiz.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc80b96b4b96618b2b7461cb90664a428cfd6605eea9f74e51b792542@%3Cnotifications.ofbiz.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rea65d6ef2e45dd1c45faae83922042732866c7b88fa109b76c83db52@%3Cnotifications.ofbiz.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ref0339792ac6dac1dba83c071a727ad72380899bde60f6aaad4031b9@%3Cnotifications.ofbiz.apache.org%3E
25
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html
26
reference_url https://security.netapp.com/advisory/ntap-20200709-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200709-0002
27
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
28
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
29
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
30
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
31
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
reference_id 1851420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1851420
33
reference_url https://security.archlinux.org/AVG-1196
reference_id AVG-1196
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1196
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
reference_id CVE-2020-11996
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11996
36
reference_url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
reference_id GHSA-53hp-jpwq-2jgq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-53hp-jpwq-2jgq
37
reference_url https://access.redhat.com/errata/RHSA-2020:5170
reference_id RHSA-2020:5170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5170
38
reference_url https://access.redhat.com/errata/RHSA-2020:5173
reference_id RHSA-2020:5173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5173
39
reference_url https://access.redhat.com/errata/RHSA-2020:5388
reference_id RHSA-2020:5388
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5388
40
reference_url https://access.redhat.com/errata/RHSA-2021:0292
reference_id RHSA-2021:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0292
41
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
42
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.55
purl pkg:maven/org.apache.tomcat/tomcat@8.5.55
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-fbxk-sjfu-eyf1
13
vulnerability VCID-gecz-htub-27gx
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-m3py-3ba2-jkg7
17
vulnerability VCID-nj9t-gdm3-6ycn
18
vulnerability VCID-p65m-6crd-bufr
19
vulnerability VCID-qvgx-r4rr-xugp
20
vulnerability VCID-qxfb-yg6b-nfda
21
vulnerability VCID-r9fd-ndvw-ekfa
22
vulnerability VCID-s2kf-jwgc-pfas
23
vulnerability VCID-t8tc-zb3w-57gv
24
vulnerability VCID-tvrz-n2kd-pba4
25
vulnerability VCID-uyc3-3cnp-wqf3
26
vulnerability VCID-v5zf-qfdq-kbbp
27
vulnerability VCID-vfh6-rc99-e3bf
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.55
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.56
purl pkg:maven/org.apache.tomcat/tomcat@8.5.56
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-m3py-3ba2-jkg7
15
vulnerability VCID-nj9t-gdm3-6ycn
16
vulnerability VCID-p65m-6crd-bufr
17
vulnerability VCID-qvgx-r4rr-xugp
18
vulnerability VCID-qxfb-yg6b-nfda
19
vulnerability VCID-r9fd-ndvw-ekfa
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.56
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.35
purl pkg:maven/org.apache.tomcat/tomcat@9.0.35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-fbxk-sjfu-eyf1
13
vulnerability VCID-gecz-htub-27gx
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-nj9t-gdm3-6ycn
18
vulnerability VCID-p65m-6crd-bufr
19
vulnerability VCID-qvgx-r4rr-xugp
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-vnfg-9em7-u7ee
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.35
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.36
purl pkg:maven/org.apache.tomcat/tomcat@9.0.36
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-nj9t-gdm3-6ycn
16
vulnerability VCID-p65m-6crd-bufr
17
vulnerability VCID-qvgx-r4rr-xugp
18
vulnerability VCID-r9fd-ndvw-ekfa
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-tvrz-n2kd-pba4
22
vulnerability VCID-uyc3-3cnp-wqf3
23
vulnerability VCID-v5zf-qfdq-kbbp
24
vulnerability VCID-vfh6-rc99-e3bf
25
vulnerability VCID-vnfg-9em7-u7ee
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.36
4
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-fbxk-sjfu-eyf1
2
vulnerability VCID-gecz-htub-27gx
3
vulnerability VCID-p65m-6crd-bufr
4
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M5
5
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-euv9-huaz-y3d1
1
vulnerability VCID-p65m-6crd-bufr
2
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M6
aliases CVE-2020-11996, GHSA-53hp-jpwq-2jgq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gecz-htub-27gx
15
url VCID-hv33-kv9q-gugf
vulnerability_id VCID-hv33-kv9q-gugf
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43513
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24017
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43513
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
3
reference_url https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2
4
reference_url https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717
5
reference_url https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43513
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43513
7
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
8
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
9
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
10
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/9
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513
reference_id CVE-2026-43513
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43513
12
reference_url https://github.com/advisories/GHSA-5mp6-jrq3-r938
reference_id GHSA-5mp6-jrq3-r938
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5mp6-jrq3-r938
13
reference_url https://usn.ubuntu.com/8383-1/
reference_id USN-8383-1
reference_type
scores
url https://usn.ubuntu.com/8383-1/
14
reference_url https://usn.ubuntu.com/8417-1/
reference_id USN-8417-1
reference_type
scores
url https://usn.ubuntu.com/8417-1/
15
reference_url https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp
reference_id ytjcgldshj73lcnd1sh95od5hrghwogp
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T16:34:43Z/
url https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43513, GHSA-5mp6-jrq3-r938
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hv33-kv9q-gugf
16
url VCID-keh1-ycs9-ybdd
vulnerability_id VCID-keh1-ycs9-ybdd
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.31943
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61795
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06
5
reference_url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0
6
reference_url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b
7
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47
8
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12
9
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110
10
reference_url http://www.openwall.com/lists/oss-security/2025/10/27/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/10/27/6
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
reference_id 1119293
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119293
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
reference_id 1119294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119294
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
reference_id 2406588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406588
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
reference_id CVE-2025-61795
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61795
16
reference_url https://github.com/advisories/GHSA-hgrr-935x-pq79
reference_id GHSA-hgrr-935x-pq79
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgrr-935x-pq79
17
reference_url https://access.redhat.com/errata/RHSA-2025:19809
reference_id RHSA-2025:19809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19809
18
reference_url https://access.redhat.com/errata/RHSA-2025:19810
reference_id RHSA-2025:19810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19810
19
reference_url https://access.redhat.com/errata/RHSA-2025:23050
reference_id RHSA-2025:23050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23050
20
reference_url https://access.redhat.com/errata/RHSA-2025:23051
reference_id RHSA-2025:23051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23051
21
reference_url https://access.redhat.com/errata/RHSA-2026:6569
reference_id RHSA-2026:6569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6569
22
reference_url https://access.redhat.com/errata/RHSA-2026:8334
reference_id RHSA-2026:8334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8334
23
reference_url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
reference_id wm9mx8brmx9g4zpywm06ryrtvd3160pp
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-27T18:48:52Z/
url https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.110
purl pkg:maven/org.apache.tomcat/tomcat@9.0.110
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
14
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.110
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.47
purl pkg:maven/org.apache.tomcat/tomcat@10.1.47
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dj7q-4map-ebg4
7
vulnerability VCID-hv33-kv9q-gugf
8
vulnerability VCID-hvgr-azs4-qqac
9
vulnerability VCID-n4qq-m1x3-qkbz
10
vulnerability VCID-nctp-shgj-sfgh
11
vulnerability VCID-s2kf-jwgc-pfas
12
vulnerability VCID-t8tc-zb3w-57gv
13
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.47
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.12
purl pkg:maven/org.apache.tomcat/tomcat@11.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bwh8-tmf1-8uac
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
14
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.12
aliases CVE-2025-61795, GHSA-hgrr-935x-pq79
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keh1-ycs9-ybdd
17
url VCID-m3py-3ba2-jkg7
vulnerability_id VCID-m3py-3ba2-jkg7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25762
reference_id
reference_type
scores
0
value 0.00646
scoring_system epss
scoring_elements 0.71195
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25762
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99
5
reference_url https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015
6
reference_url https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183
7
reference_url https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc
8
reference_url https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c
9
reference_url https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25762
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25762
11
reference_url https://security.netapp.com/advisory/ntap-20220629-0003
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220629-0003
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2085304
reference_id 2085304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2085304
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762
reference_id CVE-2022-25762
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762
14
reference_url https://github.com/advisories/GHSA-h3ch-5pp2-vh6w
reference_id GHSA-h3ch-5pp2-vh6w
reference_type
scores
url https://github.com/advisories/GHSA-h3ch-5pp2-vh6w
15
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.75
purl pkg:maven/org.apache.tomcat/tomcat@8.5.75
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-m3py-3ba2-jkg7
15
vulnerability VCID-qxfb-yg6b-nfda
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-tvrz-n2kd-pba4
19
vulnerability VCID-uyc3-3cnp-wqf3
20
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.75
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.76
purl pkg:maven/org.apache.tomcat/tomcat@8.5.76
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-qxfb-yg6b-nfda
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-tvrz-n2kd-pba4
18
vulnerability VCID-uyc3-3cnp-wqf3
19
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.76
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.20
purl pkg:maven/org.apache.tomcat/tomcat@9.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-5nu4-5ude-4yhc
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-824z-m36f-87ea
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-euv9-huaz-y3d1
13
vulnerability VCID-gecz-htub-27gx
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-m3py-3ba2-jkg7
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p65m-6crd-bufr
20
vulnerability VCID-qvgx-r4rr-xugp
21
vulnerability VCID-qxbw-zvw5-ckdp
22
vulnerability VCID-r9fd-ndvw-ekfa
23
vulnerability VCID-s2kf-jwgc-pfas
24
vulnerability VCID-t7xw-r7rz-u3g5
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-vnfg-9em7-u7ee
31
vulnerability VCID-yg5s-2fsb-gub2
32
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.20
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.21
purl pkg:maven/org.apache.tomcat/tomcat@9.0.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-5nu4-5ude-4yhc
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-824z-m36f-87ea
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-euv9-huaz-y3d1
13
vulnerability VCID-gecz-htub-27gx
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-nj9t-gdm3-6ycn
18
vulnerability VCID-p65m-6crd-bufr
19
vulnerability VCID-qvgx-r4rr-xugp
20
vulnerability VCID-qxbw-zvw5-ckdp
21
vulnerability VCID-r9fd-ndvw-ekfa
22
vulnerability VCID-s2kf-jwgc-pfas
23
vulnerability VCID-t7xw-r7rz-u3g5
24
vulnerability VCID-t8tc-zb3w-57gv
25
vulnerability VCID-tvrz-n2kd-pba4
26
vulnerability VCID-uyc3-3cnp-wqf3
27
vulnerability VCID-v5zf-qfdq-kbbp
28
vulnerability VCID-vfh6-rc99-e3bf
29
vulnerability VCID-vnfg-9em7-u7ee
30
vulnerability VCID-yg5s-2fsb-gub2
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.21
aliases CVE-2022-25762, GHSA-h3ch-5pp2-vh6w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3py-3ba2-jkg7
18
url VCID-nj9t-gdm3-6ycn
vulnerability_id VCID-nj9t-gdm3-6ycn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
reference_id
reference_type
scores
0
value 0.10506
scoring_system epss
scoring_elements 0.93425
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17527
2
reference_url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bz.apache.org/bugzilla/show_bug.cgi?id=64830
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29
6
reference_url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
7
reference_url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65
8
reference_url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
25
reference_url https://security.netapp.com/advisory/ntap-20201210-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201210-0003
26
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
27
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
28
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
29
reference_url https://www.debian.org/security/2021/dsa-4835
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4835
30
reference_url http://www.openwall.com/lists/oss-security/2020/12/03/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/12/03/3
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
reference_id 1904221
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1904221
32
reference_url https://security.archlinux.org/ASA-202012-3
reference_id ASA-202012-3
reference_type
scores
url https://security.archlinux.org/ASA-202012-3
33
reference_url https://security.archlinux.org/AVG-1317
reference_id AVG-1317
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1317
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
reference_id CVE-2020-17527
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
reference_id CVE-2020-17527
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17527
36
reference_url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
reference_id GHSA-vvw4-rfwf-p6hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vvw4-rfwf-p6hx
37
reference_url https://security.gentoo.org/glsa/202012-23
reference_id GLSA-202012-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202012-23
38
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
39
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
40
reference_url https://access.redhat.com/errata/RHSA-2021:4012
reference_id RHSA-2021:4012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4012
41
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
42
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.60
purl pkg:maven/org.apache.tomcat/tomcat@8.5.60
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-qxfb-yg6b-nfda
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.60
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.40
purl pkg:maven/org.apache.tomcat/tomcat@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-x7wn-uamc-6bg5
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.40
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
3
url pkg:maven/org.apache.tomcat/tomcat@10.0.2
purl pkg:maven/org.apache.tomcat/tomcat@10.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-r9fd-ndvw-ekfa
5
vulnerability VCID-tvrz-n2kd-pba4
6
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.2
aliases CVE-2020-17527, GHSA-vvw4-rfwf-p6hx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nj9t-gdm3-6ycn
19
url VCID-p65m-6crd-bufr
vulnerability_id VCID-p65m-6crd-bufr
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
reference_id
reference_type
scores
0
value 0.92155
scoring_system epss
scoring_elements 0.99726
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13935
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
6
reference_url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
7
reference_url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3
8
reference_url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d
9
reference_url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784
10
reference_url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84
11
reference_url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html
14
reference_url https://security.netapp.com/advisory/ntap-20200724-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200724-0003
15
reference_url https://security.netapp.com/advisory/ntap-20200724-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200724-0003/
16
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
17
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
18
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
19
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
20
reference_url https://usn.ubuntu.com/4448-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4448-1
21
reference_url https://usn.ubuntu.com/4448-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4448-1/
22
reference_url https://usn.ubuntu.com/4596-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4596-1
23
reference_url https://www.debian.org/security/2020/dsa-4727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4727
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
reference_id 1857024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857024
25
reference_url https://security.archlinux.org/AVG-1205
reference_id AVG-1205
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1205
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
reference_id CVE-2020-13935
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
reference_id CVE-2020-13935
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13935
28
reference_url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
reference_id GHSA-m7jv-hq7h-mq7c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7jv-hq7h-mq7c
29
reference_url https://access.redhat.com/errata/RHSA-2020:3303
reference_id RHSA-2020:3303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3303
30
reference_url https://access.redhat.com/errata/RHSA-2020:3305
reference_id RHSA-2020:3305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3305
31
reference_url https://access.redhat.com/errata/RHSA-2020:3306
reference_id RHSA-2020:3306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3306
32
reference_url https://access.redhat.com/errata/RHSA-2020:3308
reference_id RHSA-2020:3308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3308
33
reference_url https://access.redhat.com/errata/RHSA-2020:3382
reference_id RHSA-2020:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3382
34
reference_url https://access.redhat.com/errata/RHSA-2020:3383
reference_id RHSA-2020:3383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3383
35
reference_url https://access.redhat.com/errata/RHSA-2020:3806
reference_id RHSA-2020:3806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3806
36
reference_url https://access.redhat.com/errata/RHSA-2020:4004
reference_id RHSA-2020:4004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4004
37
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
38
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
39
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
40
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
41
reference_url https://usn.ubuntu.com/4596-1/
reference_id USN-4596-1
reference_type
scores
url https://usn.ubuntu.com/4596-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.57
purl pkg:maven/org.apache.tomcat/tomcat@8.5.57
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-m3py-3ba2-jkg7
14
vulnerability VCID-nj9t-gdm3-6ycn
15
vulnerability VCID-nstu-jfc5-3kgd
16
vulnerability VCID-qvgx-r4rr-xugp
17
vulnerability VCID-qxfb-yg6b-nfda
18
vulnerability VCID-r9fd-ndvw-ekfa
19
vulnerability VCID-s2kf-jwgc-pfas
20
vulnerability VCID-t8tc-zb3w-57gv
21
vulnerability VCID-tvrz-n2kd-pba4
22
vulnerability VCID-uyc3-3cnp-wqf3
23
vulnerability VCID-v5zf-qfdq-kbbp
24
vulnerability VCID-vfh6-rc99-e3bf
25
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.57
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.37
purl pkg:maven/org.apache.tomcat/tomcat@9.0.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-nj9t-gdm3-6ycn
15
vulnerability VCID-nstu-jfc5-3kgd
16
vulnerability VCID-qvgx-r4rr-xugp
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.37
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nstu-jfc5-3kgd
1
vulnerability VCID-qvgx-r4rr-xugp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M7
aliases CVE-2020-13935, GHSA-m7jv-hq7h-mq7c
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p65m-6crd-bufr
20
url VCID-qvgx-r4rr-xugp
vulnerability_id VCID-qvgx-r4rr-xugp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
reference_id
reference_type
scores
0
value 0.61383
scoring_system epss
scoring_elements 0.98352
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-24122
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2
5
reference_url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177
6
reference_url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9
7
reference_url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533
8
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-24122
18
reference_url https://security.netapp.com/advisory/ntap-20210212-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210212-0008
19
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
20
reference_url https://tomcat.apache.org/security-7.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-7.html
21
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
22
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
23
reference_url http://www.openwall.com/lists/oss-security/2021/01/14/1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/01/14/1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
reference_id 1917209
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1917209
25
reference_url https://security.archlinux.org/AVG-1452
reference_id AVG-1452
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1452
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
reference_id CVE-2021-24122
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122
27
reference_url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
reference_id GHSA-2rvv-w9r2-rg7m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2rvv-w9r2-rg7m
28
reference_url https://access.redhat.com/errata/RHSA-2021:0494
reference_id RHSA-2021:0494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0494
29
reference_url https://access.redhat.com/errata/RHSA-2021:0495
reference_id RHSA-2021:0495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0495
30
reference_url https://access.redhat.com/errata/RHSA-2021:3425
reference_id RHSA-2021:3425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3425
31
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.60
purl pkg:maven/org.apache.tomcat/tomcat@8.5.60
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-qxfb-yg6b-nfda
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.60
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.40
purl pkg:maven/org.apache.tomcat/tomcat@9.0.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-r9fd-ndvw-ekfa
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-x7wn-uamc-6bg5
26
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.40
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
purl pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbye-dcrb-t3ev
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.0-M10
aliases CVE-2021-24122, GHSA-2rvv-w9r2-rg7m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvgx-r4rr-xugp
21
url VCID-qxfb-yg6b-nfda
vulnerability_id VCID-qxfb-yg6b-nfda
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:1320
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1320
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1305
reference_id
reference_type
scores
0
value 0.21578
scoring_system epss
scoring_elements 0.95848
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1305
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a
6
reference_url https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab
7
reference_url https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1
8
reference_url https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a
9
reference_url https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073
10
reference_url https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895
11
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
29
reference_url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
30
reference_url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
31
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
32
reference_url https://security.netapp.com/advisory/ntap-20180706-0001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180706-0001
33
reference_url https://security.netapp.com/advisory/ntap-20180706-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180706-0001/
34
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823310
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823310
35
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823314
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823314
36
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823319
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823319
37
reference_url https://svn.apache.org/viewvc?view=rev&rev=1823322
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1823322
38
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824323
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824323
39
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824358
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824358
40
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824359
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824359
41
reference_url https://svn.apache.org/viewvc?view=rev&rev=1824360
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=1824360
42
reference_url https://usn.ubuntu.com/3665-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3665-1
43
reference_url https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144
44
reference_url https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428
45
reference_url http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/103144
46
reference_url http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040428
47
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1548282
reference_id 1548282
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1548282
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
reference_id CVE-2018-1305
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
49
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
reference_id CVE-2018-1305
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
50
reference_url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
reference_id GHSA-jx6h-3fjx-cgv5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
51
reference_url https://access.redhat.com/errata/RHSA-2018:0465
reference_id RHSA-2018:0465
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0465
52
reference_url https://access.redhat.com/errata/RHSA-2018:0466
reference_id RHSA-2018:0466
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0466
53
reference_url https://access.redhat.com/errata/RHSA-2018:2939
reference_id RHSA-2018:2939
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2939
54
reference_url https://access.redhat.com/errata/RHSA-2019:2205
reference_id RHSA-2019:2205
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2205
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.5
purl pkg:maven/org.apache.tomcat/tomcat@9.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-3977-sdws-euh4
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-4c8y-tn9d-v3d5
4
vulnerability VCID-5nu4-5ude-4yhc
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-824z-m36f-87ea
9
vulnerability VCID-97et-ubnp-wqcy
10
vulnerability VCID-9gs9-4vzf-uqbu
11
vulnerability VCID-9xyf-k9wq-g7b9
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-evws-hrsq-ybfw
15
vulnerability VCID-ftu2-phtp-bqad
16
vulnerability VCID-gecz-htub-27gx
17
vulnerability VCID-ht8m-9gxn-mkaa
18
vulnerability VCID-hv33-kv9q-gugf
19
vulnerability VCID-k11z-qhvd-9ugj
20
vulnerability VCID-keh1-ycs9-ybdd
21
vulnerability VCID-m3py-3ba2-jkg7
22
vulnerability VCID-ngy5-k9cv-rkbn
23
vulnerability VCID-nj9t-gdm3-6ycn
24
vulnerability VCID-p65m-6crd-bufr
25
vulnerability VCID-qvgx-r4rr-xugp
26
vulnerability VCID-qxbw-zvw5-ckdp
27
vulnerability VCID-r9fd-ndvw-ekfa
28
vulnerability VCID-s2kf-jwgc-pfas
29
vulnerability VCID-t7xw-r7rz-u3g5
30
vulnerability VCID-t8tc-zb3w-57gv
31
vulnerability VCID-tvrz-n2kd-pba4
32
vulnerability VCID-uyc3-3cnp-wqf3
33
vulnerability VCID-v5zf-qfdq-kbbp
34
vulnerability VCID-vfh6-rc99-e3bf
35
vulnerability VCID-w35j-v3r4-tqhu
36
vulnerability VCID-x57v-g2md-7bbq
37
vulnerability VCID-yg5s-2fsb-gub2
38
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.5
aliases CVE-2018-1305, GHSA-jx6h-3fjx-cgv5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxfb-yg6b-nfda
22
url VCID-r9fd-ndvw-ekfa
vulnerability_id VCID-r9fd-ndvw-ekfa
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.27687
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41079
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0
5
reference_url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
6
reference_url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
7
reference_url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E
10
reference_url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41079
12
reference_url https://security.netapp.com/advisory/ntap-20211008-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211008-0005
13
reference_url https://security.netapp.com/advisory/ntap-20211008-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211008-0005/
14
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
reference_id 2004820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2004820
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
reference_id CVE-2021-41079
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079
17
reference_url https://github.com/advisories/GHSA-59g9-7gfx-c72p
reference_id GHSA-59g9-7gfx-c72p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59g9-7gfx-c72p
18
reference_url https://access.redhat.com/errata/RHSA-2021:3741
reference_id RHSA-2021:3741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3741
19
reference_url https://access.redhat.com/errata/RHSA-2021:3743
reference_id RHSA-2021:3743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3743
20
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
21
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
22
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
23
reference_url https://usn.ubuntu.com/6943-1/
reference_id USN-6943-1
reference_type
scores
url https://usn.ubuntu.com/6943-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.64
purl pkg:maven/org.apache.tomcat/tomcat@8.5.64
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-ndb1-hdsw-v7fq
17
vulnerability VCID-qxfb-yg6b-nfda
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.64
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.44
purl pkg:maven/org.apache.tomcat/tomcat@9.0.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ndb1-hdsw-v7fq
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.44
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.4
purl pkg:maven/org.apache.tomcat/tomcat@10.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-ndb1-hdsw-v7fq
5
vulnerability VCID-tvrz-n2kd-pba4
6
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.4
aliases CVE-2021-41079, GHSA-59g9-7gfx-c72p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9fd-ndvw-ekfa
23
url VCID-s2kf-jwgc-pfas
vulnerability_id VCID-s2kf-jwgc-pfas
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43514.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43514
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27214
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43514
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/2e676264ce27448a4d4841e42c1238bd10ca3755
5
reference_url https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa
6
reference_url https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e
7
reference_url https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
8
reference_url https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43514
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43514
10
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
11
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
12
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
13
reference_url http://www.openwall.com/lists/oss-security/2026/05/12/10
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/05/12/10
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2476512
reference_id 2476512
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2476512
15
reference_url https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m
reference_id 2k654v5cq123npfsd1b2kk1y30owqb1m
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:22:38Z/
url https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514
reference_id CVE-2026-43514
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43514
17
reference_url https://github.com/advisories/GHSA-9m89-8frq-c98c
reference_id GHSA-9m89-8frq-c98c
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9m89-8frq-c98c
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.118
purl pkg:maven/org.apache.tomcat/tomcat@9.0.118
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.118
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.55
purl pkg:maven/org.apache.tomcat/tomcat@10.1.55
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.55
2
url pkg:maven/org.apache.tomcat/tomcat@11.0.22
purl pkg:maven/org.apache.tomcat/tomcat@11.0.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.22
aliases CVE-2026-43514, GHSA-9m89-8frq-c98c
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2kf-jwgc-pfas
24
url VCID-t7xw-r7rz-u3g5
vulnerability_id VCID-t7xw-r7rz-u3g5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1938.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1938.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1938
reference_id
reference_type
scores
0
value 0.94469
scoring_system epss
scoring_elements 0.99998
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1938
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23
5
reference_url https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72
6
reference_url https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75
7
reference_url https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2
8
reference_url https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153
9
reference_url https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c
10
reference_url https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19
11
reference_url https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad
12
reference_url https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150
13
reference_url https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957
14
reference_url https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb
15
reference_url https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5
16
reference_url https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75
17
reference_url https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba
18
reference_url https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645
19
reference_url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c@%3Cusers.tomcat.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb@%3Ccommits.tomee.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794@%3Cnotifications.ofbiz.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d@%3Cdev.tomcat.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db@%3Cnotifications.ofbiz.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1@%3Cnotifications.ofbiz.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a@%3Cusers.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a@%3Cusers.tomee.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f@%3Cusers.tomcat.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760@%3Cnotifications.ofbiz.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522@%3Cnotifications.ofbiz.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed@%3Cdev.tomcat.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9@%3Cusers.tomcat.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a@%3Cdev.tomee.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194@%3Ccommits.tomee.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425@%3Cnotifications.ofbiz.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7@%3Ccommits.ofbiz.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b@%3Cusers.tomcat.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2@%3Cusers.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2@%3Cusers.tomcat.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca@%3Cbugs.httpd.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca@%3Cbugs.httpd.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3@%3Ccommits.tomee.apache.org%3E
54
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
55
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
56
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
57
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
58
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
59
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
60
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
61
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
62
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
63
reference_url https://security.netapp.com/advisory/ntap-20200226-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200226-0002
64
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1938
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1938
65
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1806398
reference_id 1806398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1806398
66
reference_url https://security.gentoo.org/glsa/202003-43
reference_id 202003-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://security.gentoo.org/glsa/202003-43
67
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
reference_id 2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XFLQB3O5QVP4ZBIPVIXBEZV7F2R7ZMS/
68
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952437
reference_id 952437
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952437
69
reference_url http://support.blackberry.com/kb/articleDetail?articleNumber=000062739
reference_id articleDetail?articleNumber=000062739
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://support.blackberry.com/kb/articleDetail?articleNumber=000062739
70
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id cpujan2021.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
71
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
72
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id cpuoct2020.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
73
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
reference_id CVE-2020-1938
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
1
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
74
reference_url https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/blob/8bd38f4cf22331ecf4e48096a78c5931509c26be/CNVD-2020-10487-Tomcat-Ajp-lfi.py
reference_id CVE-2020-1938
reference_type exploit
scores
url https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/blob/8bd38f4cf22331ecf4e48096a78c5931509c26be/CNVD-2020-10487-Tomcat-Ajp-lfi.py
75
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48143.py
reference_id CVE-2020-1938
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48143.py
76
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49039.rb
reference_id CVE-2020-1938
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49039.rb
77
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1938
reference_id CVE-2020-1938
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1938
78
reference_url https://www.debian.org/security/2020/dsa-4673
reference_id dsa-4673
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.debian.org/security/2020/dsa-4673
79
reference_url https://www.debian.org/security/2020/dsa-4680
reference_id dsa-4680
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://www.debian.org/security/2020/dsa-4680
80
reference_url https://github.com/advisories/GHSA-c9hw-wf7x-jp9j
reference_id GHSA-c9hw-wf7x-jp9j
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9hw-wf7x-jp9j
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
reference_id K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3IPNHCKFVUKSHDTM45UL4Q765EHHTFG/
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
reference_id L46WJIV6UV3FWA5O5YEY6XLA73RYD53B
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L46WJIV6UV3FWA5O5YEY6XLA73RYD53B/
83
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
84
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html
85
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
86
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html
87
reference_url https://security.netapp.com/advisory/ntap-20200226-0002/
reference_id ntap-20200226-0002
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://security.netapp.com/advisory/ntap-20200226-0002/
88
reference_url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
reference_id r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e%40%3Cdev.tomee.apache.org%3E
89
reference_url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
reference_id r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
90
reference_url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
reference_id r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e%40%3Cusers.tomcat.apache.org%3E
91
reference_url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
reference_id r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1%40%3Cusers.tomcat.apache.org%3E
92
reference_url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
reference_id r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65%40%3Cusers.tomcat.apache.org%3E
93
reference_url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
reference_id r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda%40%3Ccommits.tomee.apache.org%3E
94
reference_url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
reference_id r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864%40%3Cusers.tomcat.apache.org%3E
95
reference_url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
reference_id r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f%40%3Cusers.tomcat.apache.org%3E
96
reference_url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
reference_id r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6%40%3Cdev.tomcat.apache.org%3E
97
reference_url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
reference_id r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97%40%3Ccommits.tomee.apache.org%3E
98
reference_url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
reference_id r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b%40%3Cusers.tomcat.apache.org%3E
99
reference_url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
reference_id r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r61f280a76902b594692f0b24a1dbf647bb5a4c197b9395e9a6796e7c%40%3Cusers.tomcat.apache.org%3E
100
reference_url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
reference_id r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r6a5633cad1b560a1e51f5b425f02918bdf30e090fdf18c5f7c2617eb%40%3Ccommits.tomee.apache.org%3E
101
reference_url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r74328b178f9f37fe759dffbc9c1f2793e66d79d7a8a20d3836551794%40%3Cnotifications.ofbiz.apache.org%3E
102
reference_url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d%40%3Cnotifications.ofbiz.apache.org%3E
103
reference_url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
reference_id r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r772335e6851ad33ddb076218fa4ff70de1bf398d5b43e2ddf0130e5d%40%3Cdev.tomcat.apache.org%3E
104
reference_url https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
reference_id r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
105
reference_url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r856cdd87eda7af40b50278d6de80ee4b42d63adeb433a34a7bdaf9db%40%3Cnotifications.ofbiz.apache.org%3E
106
reference_url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
reference_id r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r8f7484589454638af527182ae55ef5b628ba00c05c5b11887c922fb1%40%3Cnotifications.ofbiz.apache.org%3E
107
reference_url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
reference_id r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
108
reference_url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
reference_id r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r92d78655c068d0bc991d1edbdfb24f9c5134603e647cade1113d4e0a%40%3Cusers.tomee.apache.org%3E
109
reference_url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
reference_id r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/r9f119d9ce9239114022e13dbfe385b3de7c972f24f05d6dbd35c1a2f%40%3Cusers.tomcat.apache.org%3E
110
reference_url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
reference_id ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/ra7092f7492569b39b04ec0decf52628ba86c51f15efb38f5853e2760%40%3Cnotifications.ofbiz.apache.org%3E
111
reference_url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
reference_id rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rad36ec6a1ffc9e43266b030c22ceeea569243555d34fb4187ff08522%40%3Cnotifications.ofbiz.apache.org%3E
112
reference_url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
reference_id rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E
113
reference_url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
reference_id rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rb2fc890bef23cbc7f343900005fe1edd3b091cf18dada455580258f9%40%3Cusers.tomcat.apache.org%3E
114
reference_url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
reference_id rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rbdb1d2b651a3728f0ceba9e0853575b6f90296a94a71836a15f7364a%40%3Cdev.tomee.apache.org%3E
115
reference_url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
reference_id rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2%40%3Cdev.tomee.apache.org%3E
116
reference_url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
reference_id rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rcd5cd301e9e7e39f939baf2f5d58704750be07a5e2d3393e40ca7194%40%3Ccommits.tomee.apache.org%3E
117
reference_url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
reference_id rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rce2af55f6e144ffcdc025f997eddceb315dfbc0b230e3d750a7f7425%40%3Cnotifications.ofbiz.apache.org%3E
118
reference_url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
reference_id rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rd0774c95699d5aeb5e16e9a600fb2ea296e81175e30a62094e27e3e7%40%3Ccommits.ofbiz.apache.org%3E
119
reference_url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
reference_id rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rd50baccd1bbb96c2327d5a8caa25a49692b3d68d96915bd1cfbb9f8b%40%3Cusers.tomcat.apache.org%3E
120
reference_url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
reference_id re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/re5eecbe5bf967439bafeeaa85987b3a43f0e6efe06b6976ee768cde2%40%3Cusers.tomcat.apache.org%3E
121
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
122
reference_url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
reference_id rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf26663f42e7f1a1d1cac732469fb5e92c89908a48b61ec546dbb79ca%40%3Cbugs.httpd.apache.org%3E
123
reference_url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
reference_id rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-06T21:05:38Z/
url https://lists.apache.org/thread.html/rf992c5adf376294af31378a70aa8a158388a41d7039668821be28df3%40%3Ccommits.tomee.apache.org%3E
124
reference_url https://access.redhat.com/errata/RHSA-2020:0855
reference_id RHSA-2020:0855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0855
125
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
126
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
127
reference_url https://access.redhat.com/errata/RHSA-2020:0912
reference_id RHSA-2020:0912
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0912
128
reference_url https://access.redhat.com/errata/RHSA-2020:1478
reference_id RHSA-2020:1478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1478
129
reference_url https://access.redhat.com/errata/RHSA-2020:1479
reference_id RHSA-2020:1479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1479
130
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
131
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
132
reference_url https://access.redhat.com/errata/RHSA-2020:2367
reference_id RHSA-2020:2367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2367
133
reference_url https://access.redhat.com/errata/RHSA-2020:2779
reference_id RHSA-2020:2779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2779
134
reference_url https://access.redhat.com/errata/RHSA-2020:2780
reference_id RHSA-2020:2780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2780
135
reference_url https://access.redhat.com/errata/RHSA-2020:2781
reference_id RHSA-2020:2781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2781
136
reference_url https://access.redhat.com/errata/RHSA-2020:2783
reference_id RHSA-2020:2783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2783
137
reference_url https://access.redhat.com/errata/RHSA-2020:2840
reference_id RHSA-2020:2840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2840
138
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
139
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.51
purl pkg:maven/org.apache.tomcat/tomcat@8.5.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-qxfb-yg6b-nfda
20
vulnerability VCID-r9fd-ndvw-ekfa
21
vulnerability VCID-s2kf-jwgc-pfas
22
vulnerability VCID-t8tc-zb3w-57gv
23
vulnerability VCID-tvrz-n2kd-pba4
24
vulnerability VCID-uyc3-3cnp-wqf3
25
vulnerability VCID-v5zf-qfdq-kbbp
26
vulnerability VCID-vfh6-rc99-e3bf
27
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.51
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.31
purl pkg:maven/org.apache.tomcat/tomcat@9.0.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-euv9-huaz-y3d1
12
vulnerability VCID-gecz-htub-27gx
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-nj9t-gdm3-6ycn
17
vulnerability VCID-p65m-6crd-bufr
18
vulnerability VCID-qvgx-r4rr-xugp
19
vulnerability VCID-r9fd-ndvw-ekfa
20
vulnerability VCID-s2kf-jwgc-pfas
21
vulnerability VCID-t8tc-zb3w-57gv
22
vulnerability VCID-tvrz-n2kd-pba4
23
vulnerability VCID-uyc3-3cnp-wqf3
24
vulnerability VCID-v5zf-qfdq-kbbp
25
vulnerability VCID-vfh6-rc99-e3bf
26
vulnerability VCID-vnfg-9em7-u7ee
27
vulnerability VCID-yg5s-2fsb-gub2
28
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.31
aliases CVE-2020-1938, GHSA-c9hw-wf7x-jp9j
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t7xw-r7rz-u3g5
25
url VCID-t8tc-zb3w-57gv
vulnerability_id VCID-t8tc-zb3w-57gv
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.38954
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24880
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a
5
reference_url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
6
reference_url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5
7
reference_url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c
8
reference_url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
9
reference_url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24880
11
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
12
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20
13
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116
14
reference_url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.herodevs.com/vulnerability-directory/cve-2026-24880
15
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/20
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
reference_id 1133356
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133356
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
reference_id 1133357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133357
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
reference_id 2457040
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457040
19
reference_url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_id 2c682qnlg2tv4o5knlggqbl9yc2gb5sn
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:33:19Z/
url https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
reference_id CVE-2026-24880
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24880
21
reference_url https://github.com/advisories/GHSA-563x-q5rq-57qp
reference_id GHSA-563x-q5rq-57qp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-563x-q5rq-57qp
22
reference_url https://access.redhat.com/errata/RHSA-2026:20405
reference_id RHSA-2026:20405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20405
23
reference_url https://access.redhat.com/errata/RHSA-2026:20406
reference_id RHSA-2026:20406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20406
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@9.0.116
purl pkg:maven/org.apache.tomcat/tomcat@9.0.116
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.116
1
url pkg:maven/org.apache.tomcat/tomcat@10.1.52
purl pkg:maven/org.apache.tomcat/tomcat@10.1.52
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-7wr9-uez1-8bdg
3
vulnerability VCID-8sda-scr3-qfex
4
vulnerability VCID-97et-ubnp-wqcy
5
vulnerability VCID-9xyf-k9wq-g7b9
6
vulnerability VCID-dhxd-kknv-9qb7
7
vulnerability VCID-dj7q-4map-ebg4
8
vulnerability VCID-hv33-kv9q-gugf
9
vulnerability VCID-hvgr-azs4-qqac
10
vulnerability VCID-n4qq-m1x3-qkbz
11
vulnerability VCID-nctp-shgj-sfgh
12
vulnerability VCID-p4j1-xp15-t3b8
13
vulnerability VCID-r6yr-45cm-8ucv
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.52
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.53
purl pkg:maven/org.apache.tomcat/tomcat@10.1.53
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.53
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.20
purl pkg:maven/org.apache.tomcat/tomcat@11.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-97et-ubnp-wqcy
3
vulnerability VCID-9xyf-k9wq-g7b9
4
vulnerability VCID-dhxd-kknv-9qb7
5
vulnerability VCID-dj7q-4map-ebg4
6
vulnerability VCID-hv33-kv9q-gugf
7
vulnerability VCID-hvgr-azs4-qqac
8
vulnerability VCID-nctp-shgj-sfgh
9
vulnerability VCID-nfmu-1t27-e3fu
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.20
aliases CVE-2026-24880, GHSA-563x-q5rq-57qp
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8tc-zb3w-57gv
26
url VCID-tvrz-n2kd-pba4
vulnerability_id VCID-tvrz-n2kd-pba4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42334
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43980
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1
5
reference_url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13
6
reference_url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb
7
reference_url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc
8
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2022/09/28/1
reference_id 1
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url http://www.openwall.com/lists/oss-security/2022/09/28/1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
reference_id 2130599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130599
13
reference_url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
reference_id 3jjqbsp6j88b198x5rmg99b1qr8ht3g3
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
reference_id CVE-2021-43980
reference_type
scores
0
value High
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
reference_id CVE-2021-43980
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43980
16
reference_url https://www.debian.org/security/2022/dsa-5265
reference_id dsa-5265
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://www.debian.org/security/2022/dsa-5265
17
reference_url https://github.com/advisories/GHSA-jx7c-7mj5-9438
reference_id GHSA-jx7c-7mj5-9438
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx7c-7mj5-9438
18
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
19
reference_url https://access.redhat.com/errata/RHSA-2022:7272
reference_id RHSA-2022:7272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7272
20
reference_url https://access.redhat.com/errata/RHSA-2022:7273
reference_id RHSA-2022:7273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7273
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.78
purl pkg:maven/org.apache.tomcat/tomcat@8.5.78
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-qxfb-yg6b-nfda
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-uyc3-3cnp-wqf3
18
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.78
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.62
purl pkg:maven/org.apache.tomcat/tomcat@9.0.62
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-dx14-ejnx-37ad
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-uyc3-3cnp-wqf3
19
vulnerability VCID-v5zf-qfdq-kbbp
20
vulnerability VCID-vnfg-9em7-u7ee
21
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.62
2
url pkg:maven/org.apache.tomcat/tomcat@10.0.20
purl pkg:maven/org.apache.tomcat/tomcat@10.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.20
3
url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bbye-dcrb-t3ev
8
vulnerability VCID-bwh8-tmf1-8uac
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-dx14-ejnx-37ad
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-uyc3-3cnp-wqf3
19
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M14
4
url pkg:maven/org.apache.tomcat/tomcat@10.1.1
purl pkg:maven/org.apache.tomcat/tomcat@10.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-uyc3-3cnp-wqf3
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-vnfg-9em7-u7ee
19
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.1
aliases CVE-2021-43980, GHSA-jx7c-7mj5-9438
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvrz-n2kd-pba4
27
url VCID-uyc3-3cnp-wqf3
vulnerability_id VCID-uyc3-3cnp-wqf3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41080.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
reference_id
reference_type
scores
0
value 0.11586
scoring_system epss
scoring_elements 0.93808
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-41080
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b
5
reference_url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
6
reference_url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27
7
reference_url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-41080
9
reference_url https://security.netapp.com/advisory/ntap-20230921-0006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230921-0006
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
reference_id 2235370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2235370
11
reference_url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_id 71wvwprtx2j2m54fovq9zr7gbm2wow2f
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:42:58Z/
url https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
reference_id CVE-2023-41080
reference_type
scores
0
value Moderate
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080
13
reference_url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
reference_id GHSA-q3mw-pvr8-9ggc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q3mw-pvr8-9ggc
14
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
15
reference_url https://access.redhat.com/errata/RHSA-2023:7622
reference_id RHSA-2023:7622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7622
16
reference_url https://access.redhat.com/errata/RHSA-2023:7623
reference_id RHSA-2023:7623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7623
17
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
18
reference_url https://access.redhat.com/errata/RHSA-2024:0125
reference_id RHSA-2024:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0125
19
reference_url https://access.redhat.com/errata/RHSA-2024:0474
reference_id RHSA-2024:0474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0474
20
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
21
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
22
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
23
reference_url https://usn.ubuntu.com/7106-1/
reference_id USN-7106-1
reference_type
scores
url https://usn.ubuntu.com/7106-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.93
purl pkg:maven/org.apache.tomcat/tomcat@8.5.93
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-qxfb-yg6b-nfda
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-v5zf-qfdq-kbbp
18
vulnerability VCID-xuma-qnw9-8bb8
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.93
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.80
purl pkg:maven/org.apache.tomcat/tomcat@9.0.80
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-ngy5-k9cv-rkbn
16
vulnerability VCID-s2kf-jwgc-pfas
17
vulnerability VCID-t8tc-zb3w-57gv
18
vulnerability VCID-v5zf-qfdq-kbbp
19
vulnerability VCID-vnfg-9em7-u7ee
20
vulnerability VCID-xuma-qnw9-8bb8
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.80
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.13
purl pkg:maven/org.apache.tomcat/tomcat@10.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-hv33-kv9q-gugf
13
vulnerability VCID-hvgr-azs4-qqac
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-n4qq-m1x3-qkbz
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-v5zf-qfdq-kbbp
20
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.13
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-n4qq-m1x3-qkbz
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
aliases CVE-2023-41080, GHSA-q3mw-pvr8-9ggc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyc3-3cnp-wqf3
28
url VCID-v5zf-qfdq-kbbp
vulnerability_id VCID-v5zf-qfdq-kbbp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46589.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46589
reference_id
reference_type
scores
0
value 0.53163
scoring_system epss
scoring_elements 0.98026
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46589
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
4
reference_url https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/6f181e1062a472bc5f0234980f66cbde42c1041b
5
reference_url https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/7a2d8818fcea0b51747a67af9510ce7977245ebd
6
reference_url https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/aa92971e879a519384c517febc39fd04c48d4642
7
reference_url https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08
8
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46589
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46589
10
reference_url https://security.netapp.com/advisory/ntap-20231214-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231214-0009
11
reference_url https://tomcat.apache.org/security-10.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-10.html
12
reference_url https://tomcat.apache.org/security-11.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html
13
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
14
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
15
reference_url http://www.openwall.com/lists/oss-security/2023/11/28/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/11/28/2
16
reference_url https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
reference_id 0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/
url https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082
reference_id 1057082
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057082
18
reference_url https://www.openwall.com/lists/oss-security/2023/11/28/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T16:04:24Z/
url https://www.openwall.com/lists/oss-security/2023/11/28/2
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252050
reference_id 2252050
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252050
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589
reference_id CVE-2023-46589
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46589
21
reference_url https://github.com/advisories/GHSA-fccv-jmmp-qg76
reference_id GHSA-fccv-jmmp-qg76
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fccv-jmmp-qg76
22
reference_url https://access.redhat.com/errata/RHSA-2024:0532
reference_id RHSA-2024:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0532
23
reference_url https://access.redhat.com/errata/RHSA-2024:0539
reference_id RHSA-2024:0539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0539
24
reference_url https://access.redhat.com/errata/RHSA-2024:1092
reference_id RHSA-2024:1092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1092
25
reference_url https://access.redhat.com/errata/RHSA-2024:1134
reference_id RHSA-2024:1134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1134
26
reference_url https://access.redhat.com/errata/RHSA-2024:1318
reference_id RHSA-2024:1318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1318
27
reference_url https://access.redhat.com/errata/RHSA-2024:1319
reference_id RHSA-2024:1319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1319
28
reference_url https://access.redhat.com/errata/RHSA-2024:1324
reference_id RHSA-2024:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1324
29
reference_url https://access.redhat.com/errata/RHSA-2024:1325
reference_id RHSA-2024:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1325
30
reference_url https://access.redhat.com/errata/RHSA-2024:3354
reference_id RHSA-2024:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3354
31
reference_url https://usn.ubuntu.com/7032-1/
reference_id USN-7032-1
reference_type
scores
url https://usn.ubuntu.com/7032-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.96
purl pkg:maven/org.apache.tomcat/tomcat@8.5.96
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-dhxd-kknv-9qb7
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-keh1-ycs9-ybdd
11
vulnerability VCID-qxfb-yg6b-nfda
12
vulnerability VCID-s2kf-jwgc-pfas
13
vulnerability VCID-t8tc-zb3w-57gv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.96
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.83
purl pkg:maven/org.apache.tomcat/tomcat@9.0.83
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dhxd-kknv-9qb7
9
vulnerability VCID-dj7q-4map-ebg4
10
vulnerability VCID-hv33-kv9q-gugf
11
vulnerability VCID-hvgr-azs4-qqac
12
vulnerability VCID-keh1-ycs9-ybdd
13
vulnerability VCID-n4qq-m1x3-qkbz
14
vulnerability VCID-ngy5-k9cv-rkbn
15
vulnerability VCID-s2kf-jwgc-pfas
16
vulnerability VCID-t8tc-zb3w-57gv
17
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.83
2
url pkg:maven/org.apache.tomcat/tomcat@10.1.16
purl pkg:maven/org.apache.tomcat/tomcat@10.1.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-97et-ubnp-wqcy
6
vulnerability VCID-9xyf-k9wq-g7b9
7
vulnerability VCID-bwh8-tmf1-8uac
8
vulnerability VCID-dj7q-4map-ebg4
9
vulnerability VCID-hv33-kv9q-gugf
10
vulnerability VCID-hvgr-azs4-qqac
11
vulnerability VCID-keh1-ycs9-ybdd
12
vulnerability VCID-n4qq-m1x3-qkbz
13
vulnerability VCID-ngy5-k9cv-rkbn
14
vulnerability VCID-s2kf-jwgc-pfas
15
vulnerability VCID-t8tc-zb3w-57gv
16
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.16
3
url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16sq-3qm1-kqb2
1
vulnerability VCID-1weg-s38v-nkh9
2
vulnerability VCID-2n2k-sh22-fkfw
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6kab-xsqw-37ed
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bwh8-tmf1-8uac
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-n4qq-m1x3-qkbz
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M11
4
url pkg:maven/org.apache.tomcat/tomcat@11.0.1
purl pkg:maven/org.apache.tomcat/tomcat@11.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-63vc-sc11-8kf1
2
vulnerability VCID-697g-gcg9-zyaa
3
vulnerability VCID-6wqu-jupw-tyhu
4
vulnerability VCID-7wr9-uez1-8bdg
5
vulnerability VCID-8zsm-8skx-dfha
6
vulnerability VCID-97et-ubnp-wqcy
7
vulnerability VCID-9xyf-k9wq-g7b9
8
vulnerability VCID-bwh8-tmf1-8uac
9
vulnerability VCID-dhxd-kknv-9qb7
10
vulnerability VCID-dj7q-4map-ebg4
11
vulnerability VCID-hv33-kv9q-gugf
12
vulnerability VCID-hvgr-azs4-qqac
13
vulnerability VCID-keh1-ycs9-ybdd
14
vulnerability VCID-n4qq-m1x3-qkbz
15
vulnerability VCID-nctp-shgj-sfgh
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-uqgg-5gr8-sfgg
20
vulnerability VCID-vnfg-9em7-u7ee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.1
aliases CVE-2023-46589, GHSA-fccv-jmmp-qg76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5zf-qfdq-kbbp
29
url VCID-vfh6-rc99-e3bf
vulnerability_id VCID-vfh6-rc99-e3bf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.30957
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-30640
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100
4
reference_url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f
5
reference_url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c
6
reference_url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0
7
reference_url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945
8
reference_url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7
9
reference_url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe
10
reference_url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38
11
reference_url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434
12
reference_url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b
13
reference_url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89
14
reference_url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56
15
reference_url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375
16
reference_url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43
17
reference_url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b
18
reference_url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef
19
reference_url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb
20
reference_url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e
21
reference_url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822
22
reference_url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972
23
reference_url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667
24
reference_url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9
25
reference_url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862
26
reference_url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51
27
reference_url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6
28
reference_url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E
29
reference_url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-30640
31
reference_url https://security.netapp.com/advisory/ntap-20210827-0007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210827-0007
32
reference_url https://security.netapp.com/advisory/ntap-20210827-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210827-0007/
33
reference_url https://www.debian.org/security/2021/dsa-4952
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4952
34
reference_url https://www.debian.org/security/2021/dsa-4986
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4986
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
reference_id 1981544
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1981544
36
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
reference_id 991046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
reference_id CVE-2021-30640
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640
38
reference_url https://github.com/advisories/GHSA-36qh-35cm-5w2w
reference_id GHSA-36qh-35cm-5w2w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36qh-35cm-5w2w
39
reference_url https://security.gentoo.org/glsa/202208-34
reference_id GLSA-202208-34
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-34
40
reference_url https://access.redhat.com/errata/RHSA-2021:4861
reference_id RHSA-2021:4861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4861
41
reference_url https://access.redhat.com/errata/RHSA-2021:4863
reference_id RHSA-2021:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4863
42
reference_url https://access.redhat.com/errata/RHSA-2022:1179
reference_id RHSA-2022:1179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1179
43
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
44
reference_url https://usn.ubuntu.com/5360-1/
reference_id USN-5360-1
reference_type
scores
url https://usn.ubuntu.com/5360-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.65
purl pkg:maven/org.apache.tomcat/tomcat@8.5.65
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-qxfb-yg6b-nfda
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-tvrz-n2kd-pba4
20
vulnerability VCID-uyc3-3cnp-wqf3
21
vulnerability VCID-v5zf-qfdq-kbbp
22
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.65
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.66
purl pkg:maven/org.apache.tomcat/tomcat@8.5.66
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-64zy-xgrf-eba1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bbye-dcrb-t3ev
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-dx14-ejnx-37ad
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-m3py-3ba2-jkg7
17
vulnerability VCID-qxfb-yg6b-nfda
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.66
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.45
purl pkg:maven/org.apache.tomcat/tomcat@9.0.45
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ngy5-k9cv-rkbn
17
vulnerability VCID-s2kf-jwgc-pfas
18
vulnerability VCID-t8tc-zb3w-57gv
19
vulnerability VCID-tvrz-n2kd-pba4
20
vulnerability VCID-uyc3-3cnp-wqf3
21
vulnerability VCID-v5zf-qfdq-kbbp
22
vulnerability VCID-vfh6-rc99-e3bf
23
vulnerability VCID-vnfg-9em7-u7ee
24
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.45
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.46
purl pkg:maven/org.apache.tomcat/tomcat@9.0.46
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-64zy-xgrf-eba1
5
vulnerability VCID-697g-gcg9-zyaa
6
vulnerability VCID-6wqu-jupw-tyhu
7
vulnerability VCID-7wr9-uez1-8bdg
8
vulnerability VCID-97et-ubnp-wqcy
9
vulnerability VCID-9xyf-k9wq-g7b9
10
vulnerability VCID-bbye-dcrb-t3ev
11
vulnerability VCID-dhxd-kknv-9qb7
12
vulnerability VCID-dj7q-4map-ebg4
13
vulnerability VCID-dx14-ejnx-37ad
14
vulnerability VCID-hv33-kv9q-gugf
15
vulnerability VCID-hvgr-azs4-qqac
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vnfg-9em7-u7ee
24
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.46
4
url pkg:maven/org.apache.tomcat/tomcat@10.0.5
purl pkg:maven/org.apache.tomcat/tomcat@10.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-bbye-dcrb-t3ev
3
vulnerability VCID-dx14-ejnx-37ad
4
vulnerability VCID-tvrz-n2kd-pba4
5
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.5
5
url pkg:maven/org.apache.tomcat/tomcat@10.0.6
purl pkg:maven/org.apache.tomcat/tomcat@10.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-3kn9-yxww-ryh4
2
vulnerability VCID-64zy-xgrf-eba1
3
vulnerability VCID-bbye-dcrb-t3ev
4
vulnerability VCID-dx14-ejnx-37ad
5
vulnerability VCID-tvrz-n2kd-pba4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.0.6
aliases CVE-2021-30640, GHSA-36qh-35cm-5w2w
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfh6-rc99-e3bf
30
url VCID-yjb8-hdqu-4fe5
vulnerability_id VCID-yjb8-hdqu-4fe5
summary
references
0
reference_url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
reference_id
reference_type
scores
0
value 0.70951
scoring_system epss
scoring_elements 0.98726
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21733
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a
6
reference_url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311
7
reference_url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html
8
reference_url https://security.netapp.com/advisory/ntap-20240216-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240216-0005
9
reference_url https://tomcat.apache.org/security-8.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html
10
reference_url https://tomcat.apache.org/security-9.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html
11
reference_url http://www.openwall.com/lists/oss-security/2024/01/19/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/01/19/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
reference_id 2259204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259204
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
reference_id CVE-2024-21733
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
reference_id CVE-2024-21733
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21733
15
reference_url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
reference_id GHSA-f4qf-m5gf-8jm8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4qf-m5gf-8jm8
16
reference_url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
reference_id h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:09:11Z/
url https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
17
reference_url https://access.redhat.com/errata/RHSA-2024:2707
reference_id RHSA-2024:2707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2707
18
reference_url https://access.redhat.com/errata/RHSA-2024:3354
reference_id RHSA-2024:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3354
19
reference_url https://usn.ubuntu.com/7562-1/
reference_id USN-7562-1
reference_type
scores
url https://usn.ubuntu.com/7562-1/
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@8.5.64
purl pkg:maven/org.apache.tomcat/tomcat@8.5.64
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-keh1-ycs9-ybdd
15
vulnerability VCID-m3py-3ba2-jkg7
16
vulnerability VCID-ndb1-hdsw-v7fq
17
vulnerability VCID-qxfb-yg6b-nfda
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.64
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.44
purl pkg:maven/org.apache.tomcat/tomcat@9.0.44
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-63vc-sc11-8kf1
4
vulnerability VCID-697g-gcg9-zyaa
5
vulnerability VCID-6wqu-jupw-tyhu
6
vulnerability VCID-7wr9-uez1-8bdg
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bbye-dcrb-t3ev
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-hv33-kv9q-gugf
14
vulnerability VCID-hvgr-azs4-qqac
15
vulnerability VCID-keh1-ycs9-ybdd
16
vulnerability VCID-ndb1-hdsw-v7fq
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-s2kf-jwgc-pfas
19
vulnerability VCID-t8tc-zb3w-57gv
20
vulnerability VCID-tvrz-n2kd-pba4
21
vulnerability VCID-uyc3-3cnp-wqf3
22
vulnerability VCID-v5zf-qfdq-kbbp
23
vulnerability VCID-vfh6-rc99-e3bf
24
vulnerability VCID-vnfg-9em7-u7ee
25
vulnerability VCID-x7wn-uamc-6bg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.44
aliases CVE-2024-21733, GHSA-f4qf-m5gf-8jm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjb8-hdqu-4fe5
Fixing_vulnerabilities
0
url VCID-5nu4-5ude-4yhc
vulnerability_id VCID-5nu4-5ude-4yhc
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17563
reference_id
reference_type
scores
0
value 0.04359
scoring_system epss
scoring_elements 0.8919
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17563
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
5
reference_url https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
6
reference_url https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
7
reference_url https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E
14
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
15
reference_url https://seclists.org/bugtraq/2019/Dec/43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Dec/43
16
reference_url https://security.netapp.com/advisory/ntap-20200107-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200107-0001
17
reference_url https://security.netapp.com/advisory/ntap-20200107-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200107-0001/
18
reference_url https://usn.ubuntu.com/4251-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4251-1
19
reference_url https://usn.ubuntu.com/4251-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4251-1/
20
reference_url https://www.debian.org/security/2019/dsa-4596
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4596
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1785711
reference_id 1785711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1785711
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563
reference_id CVE-2019-17563
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17563
reference_id CVE-2019-17563
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17563
24
reference_url https://github.com/advisories/GHSA-9xcj-c8cr-8c3c
reference_id GHSA-9xcj-c8cr-8c3c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9xcj-c8cr-8c3c
25
reference_url https://access.redhat.com/errata/RHSA-2020:0860
reference_id RHSA-2020:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0860
26
reference_url https://access.redhat.com/errata/RHSA-2020:0861
reference_id RHSA-2020:0861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0861
27
reference_url https://access.redhat.com/errata/RHSA-2020:1520
reference_id RHSA-2020:1520
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1520
28
reference_url https://access.redhat.com/errata/RHSA-2020:1521
reference_id RHSA-2020:1521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1521
29
reference_url https://access.redhat.com/errata/RHSA-2020:4004
reference_id RHSA-2020:4004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4004
30
reference_url https://access.redhat.com/errata/RHSA-2021:0882
reference_id RHSA-2021:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0882
31
reference_url https://access.redhat.com/errata/RHSA-2021:1030
reference_id RHSA-2021:1030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1030
fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.99
purl pkg:maven/org.apache.tomcat/tomcat@7.0.99
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2k-sh22-fkfw
1
vulnerability VCID-697g-gcg9-zyaa
2
vulnerability VCID-824z-m36f-87ea
3
vulnerability VCID-97et-ubnp-wqcy
4
vulnerability VCID-9xyf-k9wq-g7b9
5
vulnerability VCID-bv5e-eycn-n7e2
6
vulnerability VCID-dj7q-4map-ebg4
7
vulnerability VCID-hv33-kv9q-gugf
8
vulnerability VCID-p65m-6crd-bufr
9
vulnerability VCID-qvgx-r4rr-xugp
10
vulnerability VCID-s2kf-jwgc-pfas
11
vulnerability VCID-t7xw-r7rz-u3g5
12
vulnerability VCID-t8tc-zb3w-57gv
13
vulnerability VCID-vfh6-rc99-e3bf
14
vulnerability VCID-yg5s-2fsb-gub2
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.99
1
url pkg:maven/org.apache.tomcat/tomcat@8.5.50
purl pkg:maven/org.apache.tomcat/tomcat@8.5.50
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-824z-m36f-87ea
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bv5e-eycn-n7e2
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-m3py-3ba2-jkg7
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p65m-6crd-bufr
20
vulnerability VCID-qvgx-r4rr-xugp
21
vulnerability VCID-qxfb-yg6b-nfda
22
vulnerability VCID-r9fd-ndvw-ekfa
23
vulnerability VCID-s2kf-jwgc-pfas
24
vulnerability VCID-t7xw-r7rz-u3g5
25
vulnerability VCID-t8tc-zb3w-57gv
26
vulnerability VCID-tvrz-n2kd-pba4
27
vulnerability VCID-uyc3-3cnp-wqf3
28
vulnerability VCID-v5zf-qfdq-kbbp
29
vulnerability VCID-vfh6-rc99-e3bf
30
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.50
2
url pkg:maven/org.apache.tomcat/tomcat@9.0.30
purl pkg:maven/org.apache.tomcat/tomcat@9.0.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hmq-5245-jyaf
1
vulnerability VCID-2n2k-sh22-fkfw
2
vulnerability VCID-3kn9-yxww-ryh4
3
vulnerability VCID-697g-gcg9-zyaa
4
vulnerability VCID-6wqu-jupw-tyhu
5
vulnerability VCID-7wr9-uez1-8bdg
6
vulnerability VCID-824z-m36f-87ea
7
vulnerability VCID-97et-ubnp-wqcy
8
vulnerability VCID-9xyf-k9wq-g7b9
9
vulnerability VCID-bv5e-eycn-n7e2
10
vulnerability VCID-dhxd-kknv-9qb7
11
vulnerability VCID-dj7q-4map-ebg4
12
vulnerability VCID-dx14-ejnx-37ad
13
vulnerability VCID-euv9-huaz-y3d1
14
vulnerability VCID-gecz-htub-27gx
15
vulnerability VCID-hv33-kv9q-gugf
16
vulnerability VCID-keh1-ycs9-ybdd
17
vulnerability VCID-ngy5-k9cv-rkbn
18
vulnerability VCID-nj9t-gdm3-6ycn
19
vulnerability VCID-p65m-6crd-bufr
20
vulnerability VCID-qvgx-r4rr-xugp
21
vulnerability VCID-r9fd-ndvw-ekfa
22
vulnerability VCID-s2kf-jwgc-pfas
23
vulnerability VCID-t7xw-r7rz-u3g5
24
vulnerability VCID-t8tc-zb3w-57gv
25
vulnerability VCID-tvrz-n2kd-pba4
26
vulnerability VCID-uyc3-3cnp-wqf3
27
vulnerability VCID-v5zf-qfdq-kbbp
28
vulnerability VCID-vfh6-rc99-e3bf
29
vulnerability VCID-vnfg-9em7-u7ee
30
vulnerability VCID-yg5s-2fsb-gub2
31
vulnerability VCID-yjb8-hdqu-4fe5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.30
aliases CVE-2019-17563, GHSA-9xcj-c8cr-8c3c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5nu4-5ude-4yhc
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.5.50