Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-kehq-gcjx-17e4

Summary

Aliases

alias	CVE-2025-24813

alias	GHSA-83qj-6fr2-vhqg

Fixed_packages

url	pkg:apache/tomcat@9.0.99
purl	pkg:apache/tomcat@9.0.99
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.99

url	pkg:apache/tomcat@10.1.35
purl	pkg:apache/tomcat@10.1.35
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.35

url	pkg:apache/tomcat@11.0.3
purl	pkg:apache/tomcat@11.0.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.3

url	pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.34-0%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.34-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.35-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.35-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.35-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.52-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.52-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.52-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/tomcat10@10.1.55-1?distro=trixie
purl	pkg:deb/debian/tomcat10@10.1.55-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat10@10.1.55-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.43-2~deb11u12?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.43-2~deb11u12?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u12%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.70-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2%3Fdistro=trixie

url pkg:deb/debian/tomcat9@9.0.70-2

purl pkg:deb/debian/tomcat9@9.0.70-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-r6yr-45cm-8ucv

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t5hs-wb5y-tfgw

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.70-2

url	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.95-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.95-1%3Fdistro=trixie

url	pkg:deb/debian/tomcat9@9.0.118-1?distro=trixie
purl	pkg:deb/debian/tomcat9@9.0.118-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.118-1%3Fdistro=trixie

url pkg:maven/org.apache.tomcat/tomcat@9.0.99

purl pkg:maven/org.apache.tomcat/tomcat@9.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.99

url pkg:maven/org.apache.tomcat/tomcat@10.1.35

purl pkg:maven/org.apache.tomcat/tomcat@10.1.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.35

url pkg:maven/org.apache.tomcat/tomcat@11.0.3

purl pkg:maven/org.apache.tomcat/tomcat@11.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.3

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.99

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.99

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.35

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.35

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.3

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.3

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.99

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.99

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.99

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.35

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.35

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.3

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.3

Affected_packages

url pkg:apache/tomcat@9.0.0%2BM1

purl pkg:apache/tomcat@9.0.0%2BM1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-395x-2jej-4ubj

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-64zy-xgrf-eba1

vulnerability	VCID-65td-2enz-63hf

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6tzd-v653-9bdq

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-m7b3-kxzn-t7hj

vulnerability	VCID-mdsb-pema-d3ds

vulnerability	VCID-mr66-8myw-1bc9

vulnerability	VCID-n5t6-xtd3-hfa7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-nz4k-nfug-tufw

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-q1pv-h34q-7ufy

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-rfbc-9e8h-gfhr

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-rxdf-fjd8-6yhk

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-s4fd-atmc-qkcz

vulnerability	VCID-swxs-3ua6-3yfn

vulnerability	VCID-t5hs-wb5y-tfgw

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-vz4c-rt19-pbaf

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-wu55-n9ff-sbbf

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-xjen-b9ss-33by

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-yqd8-3j9e-cken

vulnerability	VCID-zgcn-hta4-xfb2

vulnerability	VCID-znw1-bajd-7yfp

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.0%252BM1

url pkg:apache/tomcat@9.0.98

purl pkg:apache/tomcat@9.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@9.0.98

url pkg:apache/tomcat@10.1.0-M1

purl pkg:apache/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-29jq-wnw7-9qcm

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bbye-dcrb-t3ev

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-f7fd-42vx-cydr

vulnerability	VCID-fbxk-sjfu-eyf1

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-x7wn-uamc-6bg5

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.0-M1

url pkg:apache/tomcat@10.1.34

purl pkg:apache/tomcat@10.1.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@10.1.34

url pkg:apache/tomcat@11.0.0-M1

purl pkg:apache/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-29jq-wnw7-9qcm

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dyrd-71bh-v7fs

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.0-M1

url pkg:apache/tomcat@11.0.2

purl pkg:apache/tomcat@11.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@11.0.2

url pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

purl pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-29jq-wnw7-9qcm

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-395x-2jej-4ubj

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-64zy-xgrf-eba1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bbye-dcrb-t3ev

vulnerability	VCID-bv5e-eycn-n7e2

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-e7v9-1kzj-vbet

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-f7fd-42vx-cydr

vulnerability	VCID-fbxk-sjfu-eyf1

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-n5t6-xtd3-hfa7

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nj9t-gdm3-6ycn

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-nz4k-nfug-tufw

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-r6yr-45cm-8ucv

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-rm8c-589t-tug5

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t5hs-wb5y-tfgw

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-x7wn-uamc-6bg5

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-yjb8-hdqu-4fe5

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.31-1~deb10u6

url pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

purl pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8sda-scr3-qfex

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-r6yr-45cm-8ucv

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t5hs-wb5y-tfgw

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-yjb8-hdqu-4fe5

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat9@9.0.43-2~deb11u10

url pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1

purl pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-395x-2jej-4ubj

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-64zy-xgrf-eba1

vulnerability	VCID-65td-2enz-63hf

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6tzd-v653-9bdq

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9gs9-4vzf-uqbu

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-euv9-huaz-y3d1

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-fy3t-qn64-bkhn

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-m7b3-kxzn-t7hj

vulnerability	VCID-mdsb-pema-d3ds

vulnerability	VCID-mr66-8myw-1bc9

vulnerability	VCID-n5t6-xtd3-hfa7

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nstu-jfc5-3kgd

vulnerability	VCID-nz4k-nfug-tufw

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-p65m-6crd-bufr

vulnerability	VCID-q1pv-h34q-7ufy

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-rfbc-9e8h-gfhr

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-rxdf-fjd8-6yhk

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-s4fd-atmc-qkcz

vulnerability	VCID-swxs-3ua6-3yfn

vulnerability	VCID-t5hs-wb5y-tfgw

vulnerability	VCID-t7xw-r7rz-u3g5

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-vz4c-rt19-pbaf

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-wu55-n9ff-sbbf

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-xjen-b9ss-33by

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-yjb8-hdqu-4fe5

vulnerability	VCID-yqd8-3j9e-cken

vulnerability	VCID-zgcn-hta4-xfb2

vulnerability	VCID-znw1-bajd-7yfp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.0.M1

url pkg:maven/org.apache.tomcat/tomcat@9.0.98

purl pkg:maven/org.apache.tomcat/tomcat@9.0.98

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.98

url pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-29jq-wnw7-9qcm

vulnerability	VCID-2hmq-5245-jyaf

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bbye-dcrb-t3ev

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dx14-ejnx-37ad

vulnerability	VCID-f7fd-42vx-cydr

vulnerability	VCID-fbxk-sjfu-eyf1

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-x7wn-uamc-6bg5

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat@10.1.34

purl pkg:maven/org.apache.tomcat/tomcat@10.1.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@10.1.34

url pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-29jq-wnw7-9qcm

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dyrd-71bh-v7fs

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-q4zv-r7va-nfc3

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tktq-z7u7-kubw

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.0-M1

url pkg:maven/org.apache.tomcat/tomcat@11.0.2

purl pkg:maven/org.apache.tomcat/tomcat@11.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-nctp-shgj-sfgh

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vnfg-9em7-u7ee

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@11.0.2

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-m7b3-kxzn-t7hj

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-nz4k-nfug-tufw

vulnerability	VCID-pe4q-h887-fqc9

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-rxdf-fjd8-6yhk

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xjen-b9ss-33by

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

vulnerability	VCID-znw1-bajd-7yfp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.0

url pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

purl pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-ngy5-k9cv-rkbn

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100

url pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-d1px-uadx-vqdx

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m7b3-kxzn-t7hj

vulnerability	VCID-rxdf-fjd8-6yhk

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xjen-b9ss-33by

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-znw1-bajd-7yfp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.0.M1

url pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.0-M1

url pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

purl pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-d4m6-nran-5ydj

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dyrd-71bh-v7fs

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-catalina@11.0.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-395x-2jej-4ubj

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-5hp9-mbcu-2bdt

vulnerability	VCID-5nu4-5ude-4yhc

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-824z-m36f-87ea

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-evws-hrsq-ybfw

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-fwgq-vmfm-j7bh

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-k11z-qhvd-9ugj

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-m3py-3ba2-jkg7

vulnerability	VCID-n5t6-xtd3-hfa7

vulnerability	VCID-nz4k-nfug-tufw

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-pmqs-cuvn-yqcc

vulnerability	VCID-qvgx-r4rr-xugp

vulnerability	VCID-qxbw-zvw5-ckdp

vulnerability	VCID-qxfb-yg6b-nfda

vulnerability	VCID-r9fd-ndvw-ekfa

vulnerability	VCID-rwqs-mabh-17c9

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-swxs-3ua6-3yfn

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-tvrz-n2kd-pba4

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-v9zx-5ppt-qfbb

vulnerability	VCID-vfh6-rc99-e3bf

vulnerability	VCID-vvc7-62tw-2bhh

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-w35j-v3r4-tqhu

vulnerability	VCID-x57v-g2md-7bbq

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.0

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xvbv-9ztw-mfcn

vulnerability	VCID-zgcn-hta4-xfb2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.100

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0.M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0.M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-395x-2jej-4ubj

vulnerability	VCID-3977-sdws-euh4

vulnerability	VCID-4c8y-tn9d-v3d5

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-4tdx-52h3-bkfj

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-b25a-4gka-5yhr

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-ftu2-phtp-bqad

vulnerability	VCID-gecz-htub-27gx

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-pmqs-cuvn-yqcc

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-urhx-sw6q-cqce

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.0.M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-3kn9-yxww-ryh4

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bbye-dcrb-t3ev

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-f7fd-42vx-cydr

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.0-M1

url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16sq-3qm1-kqb2

vulnerability	VCID-1fr1-b1h1-zqcz

vulnerability	VCID-1weg-s38v-nkh9

vulnerability	VCID-2381-kewd-m3ez

vulnerability	VCID-2n2k-sh22-fkfw

vulnerability	VCID-4md2-vchu-3bgx

vulnerability	VCID-63vc-sc11-8kf1

vulnerability	VCID-697g-gcg9-zyaa

vulnerability	VCID-6kab-xsqw-37ed

vulnerability	VCID-6wqu-jupw-tyhu

vulnerability	VCID-7wr9-uez1-8bdg

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-97et-ubnp-wqcy

vulnerability	VCID-9xyf-k9wq-g7b9

vulnerability	VCID-a463-td75-3bhf

vulnerability	VCID-a7e6-gxvv-pub9

vulnerability	VCID-bwh8-tmf1-8uac

vulnerability	VCID-dhxd-kknv-9qb7

vulnerability	VCID-dj7q-4map-ebg4

vulnerability	VCID-dyrd-71bh-v7fs

vulnerability	VCID-hv33-kv9q-gugf

vulnerability	VCID-hvgr-azs4-qqac

vulnerability	VCID-keh1-ycs9-ybdd

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-m1c2-czst-vbb9

vulnerability	VCID-n4qq-m1x3-qkbz

vulnerability	VCID-p4j1-xp15-t3b8

vulnerability	VCID-s2kf-jwgc-pfas

vulnerability	VCID-t8tc-zb3w-57gv

vulnerability	VCID-uqgg-5gr8-sfgg

vulnerability	VCID-uyc3-3cnp-wqf3

vulnerability	VCID-v5zf-qfdq-kbbp

vulnerability	VCID-vnfg-9em7-u7ee

vulnerability	VCID-vwn1-fgjk-p7bz

vulnerability	VCID-wgfy-cxth-fkas

vulnerability	VCID-xgqg-vgr9-e3gm

vulnerability	VCID-xvbv-9ztw-mfcn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M1

url pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el9jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el9jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1%3Farch=el9jws

url pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el7jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el7jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1%3Farch=el7jws

url pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el8jws

purl pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat@9.0.87-8.redhat_00008.1%3Farch=el8jws

url pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1?arch=el8jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1?arch=el8jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1%3Farch=el8jws

url pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1?arch=el9jws

purl pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1?arch=el9jws

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-dkek-2jbz-2fhz

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws6-tomcat@10.1.36-6.redhat_00007.1%3Farch=el9jws

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8?arch=4

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_8%3Farch=4

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10?arch=3

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el8_10%3Farch=3

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2?arch=3

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_2%3Farch=3

url pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4?arch=3

purl pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-1.el9_4%3Farch=3

url pkg:rpm/redhat/tomcat@1:9.0.87-2.el9_5?arch=1

purl pkg:rpm/redhat/tomcat@1:9.0.87-2.el9_5?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zsm-8skx-dfha

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:9.0.87-2.el9_5%3Farch=1

url pkg:rpm/redhat/tomcat@1:10.1.36-1?arch=el10_0

purl pkg:rpm/redhat/tomcat@1:10.1.36-1?arch=el10_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5wbm-3x72-17b6

vulnerability	VCID-kehq-gcjx-17e4

vulnerability	VCID-ngy5-k9cv-rkbn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat@1:10.1.36-1%3Farch=el10_0

url pkg:rpm/redhat/tomcat9@1:9.0.87-5?arch=el10_0

purl pkg:rpm/redhat/tomcat9@1:9.0.87-5?arch=el10_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kehq-gcjx-17e4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat9@1:9.0.87-5%3Farch=el10_0

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24813.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24813.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24813

reference_id

reference_type

scores

value	0.9413
scoring_system	epss
scoring_elements	0.99917
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24813

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url

https://github.com/apache/tomcat/commit/0a668e0c27f2b7ca0cc7c6eea32253b9b5ecb29c

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/0a668e0c27f2b7ca0cc7c6eea32253b9b5ecb29c

reference_url

https://github.com/apache/tomcat/commit/eb61aade8f8daccaecabf07d428b877975622f72

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/eb61aade8f8daccaecabf07d428b877975622f72

reference_url

https://github.com/apache/tomcat/commit/f6c01d6577cf9a1e06792be47e623d36acc3b5dc

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/f6c01d6577cf9a1e06792be47e623d36acc3b5dc

reference_url

https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-24813

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-24813

reference_url

https://security.netapp.com/advisory/ntap-20250321-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20250321-0001

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability

reference_url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability

reference_url

http://www.openwall.com/lists/oss-security/2025/03/10/5

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/10/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2351129
reference_id	2351129
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2351129

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813

reference_id

CVE-2025-24813

reference_type

scores

value	Important
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24813

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52134.txt
reference_id	CVE-2025-24813
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52134.txt

reference_url

https://github.com/advisories/GHSA-83qj-6fr2-vhqg

reference_id

GHSA-83qj-6fr2-vhqg

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-83qj-6fr2-vhqg

reference_url

https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq

reference_id

j5fkjv2k477os90nczf2v9l61fb0kkgq

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-04-01T19:37:06Z/

url

https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq

reference_url	https://access.redhat.com/errata/RHSA-2025:3454
reference_id	RHSA-2025:3454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3454

reference_url	https://access.redhat.com/errata/RHSA-2025:3455
reference_id	RHSA-2025:3455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3455

reference_url	https://access.redhat.com/errata/RHSA-2025:3608
reference_id	RHSA-2025:3608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3608

reference_url	https://access.redhat.com/errata/RHSA-2025:3609
reference_id	RHSA-2025:3609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3609

reference_url	https://access.redhat.com/errata/RHSA-2025:3645
reference_id	RHSA-2025:3645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3645

reference_url	https://access.redhat.com/errata/RHSA-2025:3646
reference_id	RHSA-2025:3646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3646

reference_url	https://access.redhat.com/errata/RHSA-2025:3647
reference_id	RHSA-2025:3647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3647

reference_url	https://access.redhat.com/errata/RHSA-2025:3683
reference_id	RHSA-2025:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3683

reference_url	https://access.redhat.com/errata/RHSA-2025:3684
reference_id	RHSA-2025:3684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3684

reference_url	https://access.redhat.com/errata/RHSA-2025:7494
reference_id	RHSA-2025:7494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7494

reference_url	https://access.redhat.com/errata/RHSA-2025:7497
reference_id	RHSA-2025:7497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7497

reference_url	https://usn.ubuntu.com/7525-1/
reference_id	USN-7525-1
reference_type
scores
url	https://usn.ubuntu.com/7525-1/

reference_url	https://usn.ubuntu.com/7525-2/
reference_id	USN-7525-2
reference_type
scores
url	https://usn.ubuntu.com/7525-2/

Weaknesses

cwe_id	44
name	Path Equivalence: 'file.name' (Internal Dot)
description	The product accepts path input in the form of internal dot ('file.ordir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

cwe_id	41
name	Improper Resolution of Path Equivalence
description	The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

date_added	2025-04-07
description	Apache Tomcat 11.0.3 - Remote Code Execution
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2025-04-07
exploit_type	webapps
platform	multiple
source_date_updated	2025-04-07
data_source	Exploit-DB
source_url

date_added	2025-04-01
description	Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.
required_action	Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
due_date	2025-04-22
notes	This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq ; https://nvd.nist.gov/vuln/detail/CVE-2025-24813
known_ransomware_campaign_use	`false`
source_date_published	`null`
exploit_type	`null`
platform	`null`
source_date_updated	`null`
data_source	KEV
source_url	`null`

date_added	`null`
description	This module exploits a Java deserialization vulnerability in Apache Tomcat's session restoration functionality that can be exploited with a partial HTTP PUT request to place an attacker controlled deserialization payload in the <tomcat_root_dir>/webapps/ROOT/ directory. For the exploit to succeed, writes must be enabled for the default servlet, and org.apache.catalina.session.PersistentManager must be configured to use org.apache.catalina.session.FileStore. Verified working on 10.1.16-1
required_action	`null`
due_date	`null`
notes	Stability: - crash-safe Reliability: - repeatable-session SideEffects: - ioc-in-logs - artifacts-on-disk
known_ransomware_campaign_use	`false`
source_date_published	2025-03-10
exploit_type	`null`
platform	Linux,Unix,Windows
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/tomcat_partial_put_deserialization.rb

Severity_range_score 7.0 - 10.0

Exploitability 2.0

Weighted_severity 9.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kehq-gcjx-17e4

Vulnerability Instance