Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/tomcat@9.0.44

Type apache

Namespace

Name tomcat

Version 9.0.44

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 9.0.48

Latest_non_vulnerable_version 11.0.22

Affected_by_vulnerabilities

url VCID-8qze-3eq1-mbf9

vulnerability_id VCID-8qze-3eq1-mbf9

summary

Improper Handling of Exceptional Conditions
A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30639.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30639.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-30639

reference_id

reference_type

scores

value	0.00422
scoring_system	epss
scoring_elements	0.62386
published_at	2026-06-04T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62432
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-30639

reference_url	https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2

reference_url	https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24

reference_url	https://github.com/apache/tomcat/commit/b59099e4ca501a039510334ebe1024971cd6f959
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b59099e4ca501a039510334ebe1024971cd6f959

reference_url

https://kc.mcafee.com/corporate/index?page=content&id=SB10366

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://kc.mcafee.com/corporate/index?page=content&id=SB10366

reference_url

https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd84fae1f474597bdf358f5bdc0a5c453c507bd527b83e8be6b5ea3f4%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd84fae1f474597bdf358f5bdc0a5c453c507bd527b83e8be6b5ea3f4%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://security.gentoo.org/glsa/202208-34

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202208-34

reference_url

https://security.netapp.com/advisory/ntap-20210827-0007

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210827-0007

reference_url	https://security.netapp.com/advisory/ntap-20210827-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210827-0007/

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1981540
reference_id	1981540
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1981540

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639

reference_id

CVE-2021-30639

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-30639

reference_id

CVE-2021-30639

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-30639

reference_url	https://github.com/advisories/GHSA-44qp-qhfv-c7f6
reference_id	GHSA-44qp-qhfv-c7f6
reference_type
scores
url	https://github.com/advisories/GHSA-44qp-qhfv-c7f6

fixed_packages

url pkg:apache/tomcat@9.0.45

purl pkg:apache/tomcat@9.0.45

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dk58-p9py-rka9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.45

url pkg:apache/tomcat@10.0.5

purl pkg:apache/tomcat@10.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dk58-p9py-rka9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.0.5

aliases CVE-2021-30639, GHSA-44qp-qhfv-c7f6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qze-3eq1-mbf9

Fixing_vulnerabilities

url VCID-dbu6-fhrs-aubn

vulnerability_id VCID-dbu6-fhrs-aubn

summary

Improper Input Validation
Apache Tomcat does not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-41079

reference_id

reference_type

scores

value	0.00103
scoring_system	epss
scoring_elements	0.2779
published_at	2026-06-05T12:55:00Z

value	0.00103
scoring_system	epss
scoring_elements	0.27723
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-41079

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0

reference_url	https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822

reference_url	https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8
reference_id
reference_type
scores
url	https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8

reference_url

https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html

reference_url

https://security.netapp.com/advisory/ntap-20211008-0005

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211008-0005

reference_url

https://www.debian.org/security/2021/dsa-4986

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2021/dsa-4986

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2004820
reference_id	2004820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2004820

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079

reference_id

CVE-2021-41079

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-41079

reference_id

CVE-2021-41079

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-41079

reference_url	https://access.redhat.com/errata/RHSA-2021:3741
reference_id	RHSA-2021:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3741

reference_url	https://access.redhat.com/errata/RHSA-2021:3743
reference_id	RHSA-2021:3743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3743

reference_url	https://access.redhat.com/errata/RHSA-2022:1179
reference_id	RHSA-2022:1179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1179

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://usn.ubuntu.com/5360-1/
reference_id	USN-5360-1
reference_type
scores
url	https://usn.ubuntu.com/5360-1/

reference_url	https://usn.ubuntu.com/6943-1/
reference_id	USN-6943-1
reference_type
scores
url	https://usn.ubuntu.com/6943-1/

fixed_packages

url pkg:apache/tomcat@8.5.64

purl pkg:apache/tomcat@8.5.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8qze-3eq1-mbf9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.64

url pkg:apache/tomcat@9.0.44

purl pkg:apache/tomcat@9.0.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8qze-3eq1-mbf9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.44

url pkg:apache/tomcat@10.0.4

purl pkg:apache/tomcat@10.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8qze-3eq1-mbf9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.0.4

aliases CVE-2021-41079, GHSA-59g9-7gfx-c72p

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dbu6-fhrs-aubn

url VCID-wyf8-8szf-qbfn

vulnerability_id VCID-wyf8-8szf-qbfn

summary

Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.

Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

references

reference_url

http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/176951/Apache-Tomcat-8.5.63-9.0.43-HTTP-Response-Smuggling.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21733

reference_id

reference_type

scores

value	0.70951
scoring_system	epss
scoring_elements	0.98723
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21733

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/86ccc43940861703c2be96a5f35384407522125a

reference_url

https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/ce4b154e7b48f66bd98858626347747cd2514311

reference_url

https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:09:11Z/

url

https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_url

https://security.netapp.com/advisory/ntap-20240216-0005

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240216-0005

reference_url

https://tomcat.apache.org/security-8.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-8.html

reference_url

https://tomcat.apache.org/security-9.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html

reference_url

http://www.openwall.com/lists/oss-security/2024/01/19/2

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/01/19/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259204
reference_id	2259204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259204

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733

reference_id

CVE-2024-21733

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21733

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-21733

reference_id

CVE-2024-21733

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-21733

reference_url

https://github.com/advisories/GHSA-f4qf-m5gf-8jm8

reference_id

GHSA-f4qf-m5gf-8jm8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f4qf-m5gf-8jm8

reference_url	https://usn.ubuntu.com/7562-1/
reference_id	USN-7562-1
reference_type
scores
url	https://usn.ubuntu.com/7562-1/

fixed_packages

url pkg:apache/tomcat@8.5.64

purl pkg:apache/tomcat@8.5.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8qze-3eq1-mbf9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@8.5.64

url pkg:apache/tomcat@9.0.44

purl pkg:apache/tomcat@9.0.44

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8qze-3eq1-mbf9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.44

aliases CVE-2024-21733, GHSA-f4qf-m5gf-8jm8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyf8-8szf-qbfn

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.44

Package Instance