{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43155?format=json","vulnerability_id":"VCID-bv96-e6r9-xka7","summary":"JULI logging component in Apache Tomcat does not restrict certain permissions for web applications\nThe default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.","aliases":[{"alias":"CVE-2007-5342"},{"alias":"GHSA-w65j-cmqc-37p2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/87237?format=json","purl":"pkg:apache/tomcat@5.5.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.26"},{"url":"http://public2.vulnerablecode.io/api/packages/87181?format=json","purl":"pkg:apache/tomcat@6.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-xa95-zsnk-3kg9"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/189317?format=json","purl":"pkg:ebuild/www-servers/tomcat@6.0.16","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@6.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/61692?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@5.5.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.26"},{"url":"http://public2.vulnerablecode.io/api/packages/61689?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-xa95-zsnk-3kg9"},{"vulnerability":"VCID-y9hs-ymcm-3ucx"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.16"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/87238?format=json","purl":"pkg:apache/tomcat@5.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/87239?format=json","purl":"pkg:apache/tomcat@5.5.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-kxc3-vz2c-wqca"},{"vulnerability":"VCID-qdvn-uc56-6fds"},{"vulnerability":"VCID-qzyq-d6qk-67ag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.25"},{"url":"http://public2.vulnerablecode.io/api/packages/87178?format=json","purl":"pkg:apache/tomcat@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1b-3pdg-jbfq"},{"vulnerability":"VCID-2jws-wtvg-2khf"},{"vulnerability":"VCID-2kjh-4r2g-rqe6"},{"vulnerability":"VCID-4qcn-52ug-mbd5"},{"vulnerability":"VCID-4t2h-jjhm-y7fq"},{"vulnerability":"VCID-5m85-3zyu-7qak"},{"vulnerability":"VCID-6umz-z8db-kqcy"},{"vulnerability":"VCID-6uuq-2a39-yubx"},{"vulnerability":"VCID-7787-4bwm-efgq"},{"vulnerability":"VCID-7fh9-36qs-jfg5"},{"vulnerability":"VCID-89e9-m968-vfhe"},{"vulnerability":"VCID-937w-2w2q-7fdy"},{"vulnerability":"VCID-9j31-459b-4qbm"},{"vulnerability":"VCID-aar2-398x-p3d8"},{"vulnerability":"VCID-axzz-cadr-b7fv"},{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-crhe-rt8j-wycu"},{"vulnerability":"VCID-eawm-8v9w-yfap"},{"vulnerability":"VCID-eygg-nt7y-qubh"},{"vulnerability":"VCID-f4ka-47dk-zffs"},{"vulnerability":"VCID-fu9h-e3jx-abe2"},{"vulnerability":"VCID-hmqa-jhuf-hfe2"},{"vulnerability":"VCID-hqzu-shyu-j3hp"},{"vulnerability":"VCID-jfhv-r8ep-ykbm"},{"vulnerability":"VCID-jw6e-g8z9-43ej"},{"vulnerability":"VCID-jzta-navk-87bn"},{"vulnerability":"VCID-kaem-zczd-pyhu"},{"vulnerability":"VCID-kua1-kn4q-7kd2"},{"vulnerability":"VCID-kxc3-vz2c-wqca"},{"vulnerability":"VCID-mj47-ya6v-9kd3"},{"vulnerability":"VCID-n4zk-mdyw-3fcz"},{"vulnerability":"VCID-nmvx-w2sz-2kge"},{"vulnerability":"VCID-nnye-4xbb-kuf5"},{"vulnerability":"VCID-pq53-6deg-abfx"},{"vulnerability":"VCID-pzkk-4e94-aqag"},{"vulnerability":"VCID-qdvn-uc56-6fds"},{"vulnerability":"VCID-qrbz-jgfy-qqhm"},{"vulnerability":"VCID-qz87-x4zb-rud7"},{"vulnerability":"VCID-qzyq-d6qk-67ag"},{"vulnerability":"VCID-rbvf-c791-e7cg"},{"vulnerability":"VCID-rdr4-db3y-p3cz"},{"vulnerability":"VCID-s37s-p75k-27e6"},{"vulnerability":"VCID-sk1w-8yt4-93cv"},{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-t57j-pu79-dbbn"},{"vulnerability":"VCID-tc66-7b7t-k7h3"},{"vulnerability":"VCID-tcmv-6ftg-fqen"},{"vulnerability":"VCID-tmjv-jvfy-judb"},{"vulnerability":"VCID-ua64-94fd-ekad"},{"vulnerability":"VCID-uwuf-vukf-cqck"},{"vulnerability":"VCID-vsta-e8jg-4qa8"},{"vulnerability":"VCID-w8uj-zy2r-fyca"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-xjj5-fy4e-e7ha"},{"vulnerability":"VCID-xra9-q91u-rfd5"},{"vulnerability":"VCID-y9hs-ymcm-3ucx"},{"vulnerability":"VCID-y9yv-u4jh-mqew"},{"vulnerability":"VCID-ypuq-2mr2-sybb"},{"vulnerability":"VCID-yswq-hnqg-sycs"},{"vulnerability":"VCID-yusx-ncpv-sfhg"},{"vulnerability":"VCID-yvcg-96dp-r7e6"},{"vulnerability":"VCID-zam7-79x3-ekg3"},{"vulnerability":"VCID-zm75-zwps-h3fv"},{"vulnerability":"VCID-zrc5-bf77-aygn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/87210?format=json","purl":"pkg:apache/tomcat@6.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-qzyq-d6qk-67ag"},{"vulnerability":"VCID-t3ya-1w1r-h3dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/61798?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@5.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/61743?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@5.5.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-kxc3-vz2c-wqca"},{"vulnerability":"VCID-qdvn-uc56-6fds"},{"vulnerability":"VCID-qzyq-d6qk-67ag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.25"},{"url":"http://public2.vulnerablecode.io/api/packages/61688?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1b-3pdg-jbfq"},{"vulnerability":"VCID-2jws-wtvg-2khf"},{"vulnerability":"VCID-2kjh-4r2g-rqe6"},{"vulnerability":"VCID-46sr-9kr3-1ubw"},{"vulnerability":"VCID-4qcn-52ug-mbd5"},{"vulnerability":"VCID-4t2h-jjhm-y7fq"},{"vulnerability":"VCID-5m85-3zyu-7qak"},{"vulnerability":"VCID-6umz-z8db-kqcy"},{"vulnerability":"VCID-6uuq-2a39-yubx"},{"vulnerability":"VCID-74c7-a56p-kufz"},{"vulnerability":"VCID-7787-4bwm-efgq"},{"vulnerability":"VCID-7fh9-36qs-jfg5"},{"vulnerability":"VCID-89e9-m968-vfhe"},{"vulnerability":"VCID-937w-2w2q-7fdy"},{"vulnerability":"VCID-9hm5-e4dw-6ffe"},{"vulnerability":"VCID-9j31-459b-4qbm"},{"vulnerability":"VCID-aar2-398x-p3d8"},{"vulnerability":"VCID-atus-ryef-17h1"},{"vulnerability":"VCID-axzz-cadr-b7fv"},{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-crhe-rt8j-wycu"},{"vulnerability":"VCID-eawm-8v9w-yfap"},{"vulnerability":"VCID-eygg-nt7y-qubh"},{"vulnerability":"VCID-f4ka-47dk-zffs"},{"vulnerability":"VCID-fu9h-e3jx-abe2"},{"vulnerability":"VCID-fuxz-fqw3-ufa9"},{"vulnerability":"VCID-hmqa-jhuf-hfe2"},{"vulnerability":"VCID-hqzu-shyu-j3hp"},{"vulnerability":"VCID-jfhv-r8ep-ykbm"},{"vulnerability":"VCID-jw6e-g8z9-43ej"},{"vulnerability":"VCID-jzta-navk-87bn"},{"vulnerability":"VCID-kaem-zczd-pyhu"},{"vulnerability":"VCID-kua1-kn4q-7kd2"},{"vulnerability":"VCID-kxc3-vz2c-wqca"},{"vulnerability":"VCID-mj47-ya6v-9kd3"},{"vulnerability":"VCID-n4zk-mdyw-3fcz"},{"vulnerability":"VCID-nmvx-w2sz-2kge"},{"vulnerability":"VCID-nnye-4xbb-kuf5"},{"vulnerability":"VCID-pq53-6deg-abfx"},{"vulnerability":"VCID-pzkk-4e94-aqag"},{"vulnerability":"VCID-qdvn-uc56-6fds"},{"vulnerability":"VCID-qrbz-jgfy-qqhm"},{"vulnerability":"VCID-qz87-x4zb-rud7"},{"vulnerability":"VCID-qzyq-d6qk-67ag"},{"vulnerability":"VCID-rbvf-c791-e7cg"},{"vulnerability":"VCID-rdr4-db3y-p3cz"},{"vulnerability":"VCID-redv-2x5y-8khx"},{"vulnerability":"VCID-s37s-p75k-27e6"},{"vulnerability":"VCID-sk1w-8yt4-93cv"},{"vulnerability":"VCID-t3ya-1w1r-h3dv"},{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-t57j-pu79-dbbn"},{"vulnerability":"VCID-tc66-7b7t-k7h3"},{"vulnerability":"VCID-tcmv-6ftg-fqen"},{"vulnerability":"VCID-tmjv-jvfy-judb"},{"vulnerability":"VCID-ua64-94fd-ekad"},{"vulnerability":"VCID-uwuf-vukf-cqck"},{"vulnerability":"VCID-vsta-e8jg-4qa8"},{"vulnerability":"VCID-w8uj-zy2r-fyca"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-wtke-y2cx-x3et"},{"vulnerability":"VCID-xjj5-fy4e-e7ha"},{"vulnerability":"VCID-xra9-q91u-rfd5"},{"vulnerability":"VCID-y9hs-ymcm-3ucx"},{"vulnerability":"VCID-y9yv-u4jh-mqew"},{"vulnerability":"VCID-ypuq-2mr2-sybb"},{"vulnerability":"VCID-yswq-hnqg-sycs"},{"vulnerability":"VCID-yusx-ncpv-sfhg"},{"vulnerability":"VCID-yvcg-96dp-r7e6"},{"vulnerability":"VCID-zam7-79x3-ekg3"},{"vulnerability":"VCID-zm75-zwps-h3fv"},{"vulnerability":"VCID-zrc5-bf77-aygn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61744?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-qzyq-d6qk-67ag"},{"vulnerability":"VCID-t3ya-1w1r-h3dv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/61775?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat-juli@5.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-juli@5.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/61776?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat-juli@5.5.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-juli@5.5.25"},{"url":"http://public2.vulnerablecode.io/api/packages/61777?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat-juli@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-juli@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/61778?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat-juli@6.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat-juli@6.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/186060?format=json","purl":"pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.12.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.12.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/186073?format=json","purl":"pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.10?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.10%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186074?format=json","purl":"pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.10?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.10%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186059?format=json","purl":"pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.2?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.2%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186066?format=json","purl":"pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.4.el5?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaxb@2.1.4-1jpp.ep1.4.el5%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/186090?format=json","purl":"pkg:rpm/redhat/glassfish-jaxws@2.1.1-1jpp.ep1.3?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaxws@2.1.1-1jpp.ep1.3%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186091?format=json","purl":"pkg:rpm/redhat/glassfish-jaxws@2.1.1-1jpp.ep1.3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jaxws@2.1.1-1jpp.ep1.3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186083?format=json","purl":"pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.10?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.10%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186063?format=json","purl":"pkg:rpm/redhat/hibernate3@1:3.2.4-1.SP1_CP04.0jpp.ep1.3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3@1:3.2.4-1.SP1_CP04.0jpp.ep1.3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186067?format=json","purl":"pkg:rpm/redhat/hibernate3@1:3.2.4-1.SP1_CP04.0jpp.ep1.3?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3@1:3.2.4-1.SP1_CP04.0jpp.ep1.3%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186096?format=json","purl":"pkg:rpm/redhat/hibernate3-annotations@3.2.1-4.GA_CP02.1jpp.ep1.7?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-annotations@3.2.1-4.GA_CP02.1jpp.ep1.7%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186095?format=json","purl":"pkg:rpm/redhat/hibernate3-annotations@3.2.1-4.GA_CP02.1jpp.ep1.7.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-annotations@3.2.1-4.GA_CP02.1jpp.ep1.7.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/186097?format=json","purl":"pkg:rpm/redhat/hibernate3-commons-annotations@0.0.0-1.1jpp.ep1.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-commons-annotations@0.0.0-1.1jpp.ep1.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186072?format=json","purl":"pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-2.GA_CP03.1jpp.ep1.9?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-2.GA_CP03.1jpp.ep1.9%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186058?format=json","purl":"pkg:rpm/redhat/hibernate3-validator@0.0.0-1.1jpp.ep1.1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-validator@0.0.0-1.1jpp.ep1.1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186061?format=json","purl":"pkg:rpm/redhat/hibernate3-validator@0.0.0-1.1jpp.ep1.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate3-validator@0.0.0-1.1jpp.ep1.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186080?format=json","purl":"pkg:rpm/redhat/javassist@3.8.0-1.ep1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/javassist@3.8.0-1.ep1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186076?format=json","purl":"pkg:rpm/redhat/javassist@3.8.0-1jpp.ep1.2?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/javassist@3.8.0-1jpp.ep1.2%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186062?format=json","purl":"pkg:rpm/redhat/jboss-aop@1.5.5-2.CP02.0jpp.ep1.2?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-aop@1.5.5-2.CP02.0jpp.ep1.2%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186064?format=json","purl":"pkg:rpm/redhat/jboss-aop@1.5.5-2.CP02.0jpp.ep1.2?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-aop@1.5.5-2.CP02.0jpp.ep1.2%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186094?format=json","purl":"pkg:rpm/redhat/jbossas@4.2.0-3.GA_CP04.ep1.8?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossas@4.2.0-3.GA_CP04.ep1.8%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186087?format=json","purl":"pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP04.ep1.7.el5?arch=6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP04.ep1.7.el5%3Farch=6"},{"url":"http://public2.vulnerablecode.io/api/packages/186092?format=json","purl":"pkg:rpm/redhat/jbossas@4.3.0-2.GA_CP02.ep1.10?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossas@4.3.0-2.GA_CP02.ep1.10%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186082?format=json","purl":"pkg:rpm/redhat/jbossas@4.3.0-2.GA_CP02.ep1.10.el5?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossas@4.3.0-2.GA_CP02.ep1.10.el5%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/186078?format=json","purl":"pkg:rpm/redhat/jboss-jaxr@1.2.0-SP1.0jpp.ep1.4?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-jaxr@1.2.0-SP1.0jpp.ep1.4%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186056?format=json","purl":"pkg:rpm/redhat/jboss-messaging@1.4.0-1.SP3_CP03.0jpp.ep1.3?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-messaging@1.4.0-1.SP3_CP03.0jpp.ep1.3%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186057?format=json","purl":"pkg:rpm/redhat/jboss-messaging@1.4.0-1.SP3_CP03.0jpp.ep1.3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-messaging@1.4.0-1.SP3_CP03.0jpp.ep1.3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186069?format=json","purl":"pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP9.0jpp.ep1.1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP9.0jpp.ep1.1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186098?format=json","purl":"pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP9.0jpp.ep1.2?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP9.0jpp.ep1.2%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186079?format=json","purl":"pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.9?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.9%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186088?format=json","purl":"pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.10?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.10%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186070?format=json","purl":"pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/186093?format=json","purl":"pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.10?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.10%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186065?format=json","purl":"pkg:rpm/redhat/jbossts@1:4.2.3-1.SP5_CP02.1jpp.ep1.1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossts@1:4.2.3-1.SP5_CP02.1jpp.ep1.1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186103?format=json","purl":"pkg:rpm/redhat/jbossts@1:4.2.3-1.SP5_CP02.1jpp.ep1.2?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossts@1:4.2.3-1.SP5_CP02.1jpp.ep1.2%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186071?format=json","purl":"pkg:rpm/redhat/jbossweb@2.0.0-4.CP06.0jpp.ep1.1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossweb@2.0.0-4.CP06.0jpp.ep1.1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186075?format=json","purl":"pkg:rpm/redhat/jbossweb@2.0.0-4.CP06.0jpp.ep1.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossweb@2.0.0-4.CP06.0jpp.ep1.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186089?format=json","purl":"pkg:rpm/redhat/jbossws@2.0.1-2.SP2_CP03.0jpp.ep1.1?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws@2.0.1-2.SP2_CP03.0jpp.ep1.1%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186068?format=json","purl":"pkg:rpm/redhat/jbossws@2.0.1-2.SP2_CP03.0jpp.ep1.1.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws@2.0.1-2.SP2_CP03.0jpp.ep1.1.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/186086?format=json","purl":"pkg:rpm/redhat/jbossws-common@1.0.0-1.GA_CP01.0jpp.ep1.3?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws-common@1.0.0-1.GA_CP01.0jpp.ep1.3%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186084?format=json","purl":"pkg:rpm/redhat/jbossws-common@1.0.0-1.GA_CP01.0jpp.ep1.3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws-common@1.0.0-1.GA_CP01.0jpp.ep1.3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186099?format=json","purl":"pkg:rpm/redhat/jbossws-framework@2.0.1-0jpp.ep1.11?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws-framework@2.0.1-0jpp.ep1.11%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186101?format=json","purl":"pkg:rpm/redhat/jbossws-framework@2.0.1-0jpp.ep1.11?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossws-framework@2.0.1-0jpp.ep1.11%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186077?format=json","purl":"pkg:rpm/redhat/jbossxb@1.0.0-2.SP3.0jpp.ep1.3.el5?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossxb@1.0.0-2.SP3.0jpp.ep1.3.el5%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/186102?format=json","purl":"pkg:rpm/redhat/rh-eap-docs@4.2.0-4.GA_CP04.ep1.3?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-eap-docs@4.2.0-4.GA_CP04.ep1.3%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186081?format=json","purl":"pkg:rpm/redhat/rh-eap-docs@4.2.0-4.GA_CP04.ep1.5?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-eap-docs@4.2.0-4.GA_CP04.ep1.5%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186100?format=json","purl":"pkg:rpm/redhat/rh-eap-docs@4.3.0-2.GA_CP02.ep1.6?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-eap-docs@4.3.0-2.GA_CP02.ep1.6%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/186085?format=json","purl":"pkg:rpm/redhat/rh-eap-docs@4.3.0-3.GA_CP02.ep1.9?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-hews-beze-73bt"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-eap-docs@4.3.0-3.GA_CP02.ep1.9%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/186716?format=json","purl":"pkg:rpm/redhat/tomcat5@5.5.23-0jpp.3.0.3?arch=el5_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-kxc3-vz2c-wqca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.23-0jpp.3.0.3%3Farch=el5_1"},{"url":"http://public2.vulnerablecode.io/api/packages/186151?format=json","purl":"pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh?arch=9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9tsr-9tv5-5kb7"},{"vulnerability":"VCID-bv96-e6r9-xka7"},{"vulnerability":"VCID-kxc3-vz2c-wqca"},{"vulnerability":"VCID-t4mh-zvhq-27du"},{"vulnerability":"VCID-wg7f-pjmn-uudk"},{"vulnerability":"VCID-yswq-hnqg-sycs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh%3Farch=9"}],"references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5342.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5342.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5342","reference_id":"","reference_type":"","scores":[{"value":"0.18121","scoring_system":"epss","scoring_elements":"0.95303","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5342"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200804-10.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-200804-10.xml"},{"reference_url":"http://securityreason.com/securityalert/3485","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securityreason.com/securityalert/3485"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/39201","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/39201"},{"reference_url":"https://github.com/apache/tomcat/tree/main/java/org/apache/juli","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/tree/main/java/org/apache/juli"},{"reference_url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=606594","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=rev&revision=606594"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html"},{"reference_url":"http://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-5.html"},{"reference_url":"http://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/security-6.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1447","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2008/dsa-1447"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:188","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:188"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0042.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0042.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0195.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0195.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0831.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0832.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0833.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0834.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0862.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0862.html"},{"reference_url":"http://www.securityfocus.com/archive/1/485481/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/485481/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/507985/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/507985/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/27006","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/27006"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2008-0010.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2008-0010.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2009-0016.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2009-0016.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427216","reference_id":"427216","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342","reference_id":"CVE-2007-5342","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5342","reference_id":"CVE-2007-5342","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5342"},{"reference_url":"https://github.com/advisories/GHSA-w65j-cmqc-37p2","reference_id":"GHSA-w65j-cmqc-37p2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-w65j-cmqc-37p2"},{"reference_url":"https://security.gentoo.org/glsa/200804-10","reference_id":"GLSA-200804-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0042","reference_id":"RHSA-2008:0042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0195","reference_id":"RHSA-2008:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0831","reference_id":"RHSA-2008:0831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0832","reference_id":"RHSA-2008:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0833","reference_id":"RHSA-2008:0833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0834","reference_id":"RHSA-2008:0834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0834"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":264,"name":"Permissions, Privileges, and Access Controls","description":"Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":284,"name":"Improper Access Control","description":"The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor."}],"exploits":[],"severity_range_score":"0.1 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv96-e6r9-xka7"}