Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/tomcat@1:9.0.87-2.el9_5?arch=1

Type rpm

Namespace redhat

Name tomcat

Version 1:9.0.87-2.el9_5

Qualifiers

arch	1

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-5sgv-7nsz-5fa8

vulnerability_id

VCID-5sgv-7nsz-5fa8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24813.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24813.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24813

reference_id

reference_type

scores

value	0.94165
scoring_system	epss
scoring_elements	0.99918
published_at	2026-04-16T12:55:00Z

value	0.94165
scoring_system	epss
scoring_elements	0.99917
published_at	2026-04-12T12:55:00Z

value	0.94165
scoring_system	epss
scoring_elements	0.99916
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24813

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/0a668e0c27f2b7ca0cc7c6eea32253b9b5ecb29c

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0a668e0c27f2b7ca0cc7c6eea32253b9b5ecb29c

reference_url

https://github.com/apache/tomcat/commit/eb61aade8f8daccaecabf07d428b877975622f72

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/eb61aade8f8daccaecabf07d428b877975622f72

reference_url

https://github.com/apache/tomcat/commit/f6c01d6577cf9a1e06792be47e623d36acc3b5dc

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f6c01d6577cf9a1e06792be47e623d36acc3b5dc

reference_url

https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-04-01T19:37:06Z/

url

https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq

reference_url

https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-24813

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-24813

reference_url

https://security.netapp.com/advisory/ntap-20250321-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250321-0001

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability

reference_url

http://www.openwall.com/lists/oss-security/2025/03/10/5

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/10/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2351129
reference_id	2351129
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2351129

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813

reference_id

CVE-2025-24813

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52134.txt
reference_id	CVE-2025-24813
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52134.txt

reference_url

https://github.com/advisories/GHSA-83qj-6fr2-vhqg

reference_id

GHSA-83qj-6fr2-vhqg

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-83qj-6fr2-vhqg

reference_url	https://access.redhat.com/errata/RHSA-2025:3454
reference_id	RHSA-2025:3454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3454

reference_url	https://access.redhat.com/errata/RHSA-2025:3455
reference_id	RHSA-2025:3455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3455

reference_url	https://access.redhat.com/errata/RHSA-2025:3608
reference_id	RHSA-2025:3608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3608

reference_url	https://access.redhat.com/errata/RHSA-2025:3609
reference_id	RHSA-2025:3609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3609

reference_url	https://access.redhat.com/errata/RHSA-2025:3645
reference_id	RHSA-2025:3645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3645

reference_url	https://access.redhat.com/errata/RHSA-2025:3646
reference_id	RHSA-2025:3646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3646

reference_url	https://access.redhat.com/errata/RHSA-2025:3647
reference_id	RHSA-2025:3647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3647

reference_url	https://access.redhat.com/errata/RHSA-2025:3683
reference_id	RHSA-2025:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3683

reference_url	https://access.redhat.com/errata/RHSA-2025:3684
reference_id	RHSA-2025:3684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3684

reference_url	https://access.redhat.com/errata/RHSA-2025:7494
reference_id	RHSA-2025:7494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7494

reference_url	https://access.redhat.com/errata/RHSA-2025:7497
reference_id	RHSA-2025:7497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7497

reference_url	https://usn.ubuntu.com/7525-1/
reference_id	USN-7525-1
reference_type
scores
url	https://usn.ubuntu.com/7525-1/

reference_url	https://usn.ubuntu.com/7525-2/
reference_id	USN-7525-2
reference_type
scores
url	https://usn.ubuntu.com/7525-2/

fixed_packages

aliases

CVE-2025-24813, GHSA-83qj-6fr2-vhqg

risk_score

10.0

exploitability

2.0

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-5sgv-7nsz-5fa8

url

VCID-v8ku-sjc8-wfga

vulnerability_id

VCID-v8ku-sjc8-wfga

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50379.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-50379

reference_id

reference_type

scores

value	0.86495
scoring_system	epss
scoring_elements	0.99417
published_at	2026-04-16T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99414
published_at	2026-04-13T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99413
published_at	2026-04-12T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99409
published_at	2026-04-07T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99408
published_at	2026-04-04T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.9941
published_at	2026-04-08T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99411
published_at	2026-04-09T12:55:00Z

value	0.86495
scoring_system	epss
scoring_elements	0.99412
published_at	2026-04-11T12:55:00Z

value	0.87447
scoring_system	epss
scoring_elements	0.99451
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-50379

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/05ddeeaa54df1e2dc427d0164bedd6b79f78d81f

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/05ddeeaa54df1e2dc427d0164bedd6b79f78d81f

reference_url

https://github.com/apache/tomcat/commit/43b507ebac9d268b1ea3d908e296cc6e46795c00

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/43b507ebac9d268b1ea3d908e296cc6e46795c00

reference_url

https://github.com/apache/tomcat/commit/631500b0c9b2a2a2abb707e3de2e10a5936e5d41

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/631500b0c9b2a2a2abb707e3de2e10a5936e5d41

reference_url

https://github.com/apache/tomcat/commit/684247ae85fa633b9197b32391de59fc54703842

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/684247ae85fa633b9197b32391de59fc54703842

reference_url

https://github.com/apache/tomcat/commit/8554f6b1722b33a2ce8b0a3fad37825f3a75f2d2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/8554f6b1722b33a2ce8b0a3fad37825f3a75f2d2

reference_url

https://github.com/apache/tomcat/commit/cc7a98b57c6dc1df21979fcff94a36e068f4456c

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/cc7a98b57c6dc1df21979fcff94a36e068f4456c

reference_url

https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-17T16:54:54Z/

url

https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-50379

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-50379

reference_url

https://security.netapp.com/advisory/ntap-20250103-0003

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250103-0003

reference_url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34

reference_url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2

reference_url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98

reference_url

http://www.openwall.com/lists/oss-security/2024/12/17/4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/12/17/4

reference_url

http://www.openwall.com/lists/oss-security/2024/12/18/2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/12/18/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2332817
reference_id	2332817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2332817

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50379

reference_id

CVE-2024-50379

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50379

reference_url

https://github.com/advisories/GHSA-5j33-cvvr-w245

reference_id

GHSA-5j33-cvvr-w245

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5j33-cvvr-w245

reference_url	https://access.redhat.com/errata/RHSA-2025:0342
reference_id	RHSA-2025:0342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0342

reference_url	https://access.redhat.com/errata/RHSA-2025:0343
reference_id	RHSA-2025:0343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0343

reference_url	https://access.redhat.com/errata/RHSA-2025:0361
reference_id	RHSA-2025:0361
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0361

reference_url	https://access.redhat.com/errata/RHSA-2025:0362
reference_id	RHSA-2025:0362
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0362

reference_url	https://access.redhat.com/errata/RHSA-2025:1920
reference_id	RHSA-2025:1920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1920

reference_url	https://access.redhat.com/errata/RHSA-2025:3645
reference_id	RHSA-2025:3645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3645

reference_url	https://access.redhat.com/errata/RHSA-2025:3646
reference_id	RHSA-2025:3646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3646

reference_url	https://access.redhat.com/errata/RHSA-2025:3647
reference_id	RHSA-2025:3647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3647

reference_url	https://access.redhat.com/errata/RHSA-2025:3683
reference_id	RHSA-2025:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3683

reference_url	https://access.redhat.com/errata/RHSA-2025:3684
reference_id	RHSA-2025:3684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3684

reference_url	https://usn.ubuntu.com/7705-1/
reference_id	USN-7705-1
reference_type
scores
url	https://usn.ubuntu.com/7705-1/

fixed_packages

aliases

CVE-2024-50379, GHSA-5j33-cvvr-w245

risk_score

10.0

exploitability

2.0

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-v8ku-sjc8-wfga

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-2.el9_5%3Farch=1

Package Instance