Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-eawm-8v9w-yfap
Summary
Improper Authentication in Apache Tomcat
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
Aliases
0
alias CVE-2009-2901
1
alias GHSA-hjfh-7c4v-7q8h
Fixed_packages
0
url pkg:apache/tomcat@5.5.29
purl pkg:apache/tomcat@5.5.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pzkk-4e94-aqag
1
vulnerability VCID-ua64-94fd-ekad
2
vulnerability VCID-yvcg-96dp-r7e6
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.29
1
url pkg:apache/tomcat@6.0.24
purl pkg:apache/tomcat@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.24
2
url pkg:ebuild/www-servers/tomcat@7.0.23
purl pkg:ebuild/www-servers/tomcat@7.0.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@7.0.23
3
url pkg:maven/org.apache.tomcat/tomcat@5.5.29
purl pkg:maven/org.apache.tomcat/tomcat@5.5.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-pzkk-4e94-aqag
1
vulnerability VCID-ua64-94fd-ekad
2
vulnerability VCID-yvcg-96dp-r7e6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.29
4
url pkg:maven/org.apache.tomcat/tomcat@6.0.24
purl pkg:maven/org.apache.tomcat/tomcat@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.24
Affected_packages
0
url pkg:apache/tomcat@5.5.0
purl pkg:apache/tomcat@5.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19dy-a2qt-9qdt
1
vulnerability VCID-24v5-jpna-rqg9
2
vulnerability VCID-2af1-rv9j-jugv
3
vulnerability VCID-2jws-wtvg-2khf
4
vulnerability VCID-4t2h-jjhm-y7fq
5
vulnerability VCID-7787-4bwm-efgq
6
vulnerability VCID-89e9-m968-vfhe
7
vulnerability VCID-96kt-5j22-pqg7
8
vulnerability VCID-9j31-459b-4qbm
9
vulnerability VCID-aar2-398x-p3d8
10
vulnerability VCID-cqz2-4njt-g3da
11
vulnerability VCID-crhe-rt8j-wycu
12
vulnerability VCID-eawm-8v9w-yfap
13
vulnerability VCID-eygg-nt7y-qubh
14
vulnerability VCID-fu9h-e3jx-abe2
15
vulnerability VCID-hmqa-jhuf-hfe2
16
vulnerability VCID-jfhv-r8ep-ykbm
17
vulnerability VCID-jw6e-g8z9-43ej
18
vulnerability VCID-kaem-zczd-pyhu
19
vulnerability VCID-kua1-kn4q-7kd2
20
vulnerability VCID-kxc3-vz2c-wqca
21
vulnerability VCID-nmvx-w2sz-2kge
22
vulnerability VCID-pzkk-4e94-aqag
23
vulnerability VCID-qdvn-uc56-6fds
24
vulnerability VCID-qrbz-jgfy-qqhm
25
vulnerability VCID-qz87-x4zb-rud7
26
vulnerability VCID-rbvf-c791-e7cg
27
vulnerability VCID-rdr4-db3y-p3cz
28
vulnerability VCID-rp5z-q8an-e3az
29
vulnerability VCID-t4mh-zvhq-27du
30
vulnerability VCID-ua64-94fd-ekad
31
vulnerability VCID-uwuf-vukf-cqck
32
vulnerability VCID-w6ay-nzvg-zbff
33
vulnerability VCID-w8uj-zy2r-fyca
34
vulnerability VCID-wg7f-pjmn-uudk
35
vulnerability VCID-y9yv-u4jh-mqew
36
vulnerability VCID-ypuq-2mr2-sybb
37
vulnerability VCID-yvcg-96dp-r7e6
38
vulnerability VCID-zam7-79x3-ekg3
39
vulnerability VCID-zm75-zwps-h3fv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.0
1
url pkg:apache/tomcat@5.5.28
purl pkg:apache/tomcat@5.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9j31-459b-4qbm
1
vulnerability VCID-eawm-8v9w-yfap
2
vulnerability VCID-jfhv-r8ep-ykbm
3
vulnerability VCID-y9yv-u4jh-mqew
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.28
2
url pkg:apache/tomcat@6.0.0
purl pkg:apache/tomcat@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2jws-wtvg-2khf
2
vulnerability VCID-2kjh-4r2g-rqe6
3
vulnerability VCID-4qcn-52ug-mbd5
4
vulnerability VCID-4t2h-jjhm-y7fq
5
vulnerability VCID-5m85-3zyu-7qak
6
vulnerability VCID-6umz-z8db-kqcy
7
vulnerability VCID-6uuq-2a39-yubx
8
vulnerability VCID-7787-4bwm-efgq
9
vulnerability VCID-7fh9-36qs-jfg5
10
vulnerability VCID-89e9-m968-vfhe
11
vulnerability VCID-937w-2w2q-7fdy
12
vulnerability VCID-9j31-459b-4qbm
13
vulnerability VCID-aar2-398x-p3d8
14
vulnerability VCID-axzz-cadr-b7fv
15
vulnerability VCID-bv96-e6r9-xka7
16
vulnerability VCID-crhe-rt8j-wycu
17
vulnerability VCID-eawm-8v9w-yfap
18
vulnerability VCID-eygg-nt7y-qubh
19
vulnerability VCID-f4ka-47dk-zffs
20
vulnerability VCID-fu9h-e3jx-abe2
21
vulnerability VCID-hmqa-jhuf-hfe2
22
vulnerability VCID-hqzu-shyu-j3hp
23
vulnerability VCID-jfhv-r8ep-ykbm
24
vulnerability VCID-jw6e-g8z9-43ej
25
vulnerability VCID-jzta-navk-87bn
26
vulnerability VCID-kaem-zczd-pyhu
27
vulnerability VCID-kua1-kn4q-7kd2
28
vulnerability VCID-kxc3-vz2c-wqca
29
vulnerability VCID-mj47-ya6v-9kd3
30
vulnerability VCID-n4zk-mdyw-3fcz
31
vulnerability VCID-nmvx-w2sz-2kge
32
vulnerability VCID-nnye-4xbb-kuf5
33
vulnerability VCID-pq53-6deg-abfx
34
vulnerability VCID-pzkk-4e94-aqag
35
vulnerability VCID-qdvn-uc56-6fds
36
vulnerability VCID-qrbz-jgfy-qqhm
37
vulnerability VCID-qz87-x4zb-rud7
38
vulnerability VCID-qzyq-d6qk-67ag
39
vulnerability VCID-rbvf-c791-e7cg
40
vulnerability VCID-rdr4-db3y-p3cz
41
vulnerability VCID-s37s-p75k-27e6
42
vulnerability VCID-sk1w-8yt4-93cv
43
vulnerability VCID-t4mh-zvhq-27du
44
vulnerability VCID-t57j-pu79-dbbn
45
vulnerability VCID-tc66-7b7t-k7h3
46
vulnerability VCID-tcmv-6ftg-fqen
47
vulnerability VCID-tmjv-jvfy-judb
48
vulnerability VCID-ua64-94fd-ekad
49
vulnerability VCID-uwuf-vukf-cqck
50
vulnerability VCID-vsta-e8jg-4qa8
51
vulnerability VCID-w8uj-zy2r-fyca
52
vulnerability VCID-wg7f-pjmn-uudk
53
vulnerability VCID-xjj5-fy4e-e7ha
54
vulnerability VCID-xra9-q91u-rfd5
55
vulnerability VCID-y9hs-ymcm-3ucx
56
vulnerability VCID-y9yv-u4jh-mqew
57
vulnerability VCID-ypuq-2mr2-sybb
58
vulnerability VCID-yswq-hnqg-sycs
59
vulnerability VCID-yusx-ncpv-sfhg
60
vulnerability VCID-yvcg-96dp-r7e6
61
vulnerability VCID-zam7-79x3-ekg3
62
vulnerability VCID-zm75-zwps-h3fv
63
vulnerability VCID-zrc5-bf77-aygn
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.0
3
url pkg:apache/tomcat@6.0.20
purl pkg:apache/tomcat@6.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9j31-459b-4qbm
1
vulnerability VCID-eawm-8v9w-yfap
2
vulnerability VCID-jfhv-r8ep-ykbm
3
vulnerability VCID-y9yv-u4jh-mqew
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.20
4
url pkg:maven/org.apache.tomcat/tomcat@5.5.0
purl pkg:maven/org.apache.tomcat/tomcat@5.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19dy-a2qt-9qdt
1
vulnerability VCID-24v5-jpna-rqg9
2
vulnerability VCID-2af1-rv9j-jugv
3
vulnerability VCID-2jws-wtvg-2khf
4
vulnerability VCID-46sr-9kr3-1ubw
5
vulnerability VCID-4t2h-jjhm-y7fq
6
vulnerability VCID-74c7-a56p-kufz
7
vulnerability VCID-7787-4bwm-efgq
8
vulnerability VCID-89e9-m968-vfhe
9
vulnerability VCID-96kt-5j22-pqg7
10
vulnerability VCID-9hm5-e4dw-6ffe
11
vulnerability VCID-9j31-459b-4qbm
12
vulnerability VCID-aar2-398x-p3d8
13
vulnerability VCID-cqz2-4njt-g3da
14
vulnerability VCID-crhe-rt8j-wycu
15
vulnerability VCID-eawm-8v9w-yfap
16
vulnerability VCID-eygg-nt7y-qubh
17
vulnerability VCID-fu9h-e3jx-abe2
18
vulnerability VCID-hmqa-jhuf-hfe2
19
vulnerability VCID-jfhv-r8ep-ykbm
20
vulnerability VCID-jw6e-g8z9-43ej
21
vulnerability VCID-kaem-zczd-pyhu
22
vulnerability VCID-kua1-kn4q-7kd2
23
vulnerability VCID-kxc3-vz2c-wqca
24
vulnerability VCID-nmvx-w2sz-2kge
25
vulnerability VCID-pzkk-4e94-aqag
26
vulnerability VCID-qdvn-uc56-6fds
27
vulnerability VCID-qrbz-jgfy-qqhm
28
vulnerability VCID-qz87-x4zb-rud7
29
vulnerability VCID-rbvf-c791-e7cg
30
vulnerability VCID-rdr4-db3y-p3cz
31
vulnerability VCID-rp5z-q8an-e3az
32
vulnerability VCID-t4mh-zvhq-27du
33
vulnerability VCID-ua64-94fd-ekad
34
vulnerability VCID-uwuf-vukf-cqck
35
vulnerability VCID-w6ay-nzvg-zbff
36
vulnerability VCID-w8uj-zy2r-fyca
37
vulnerability VCID-wg7f-pjmn-uudk
38
vulnerability VCID-wtke-y2cx-x3et
39
vulnerability VCID-y9yv-u4jh-mqew
40
vulnerability VCID-ypuq-2mr2-sybb
41
vulnerability VCID-yvcg-96dp-r7e6
42
vulnerability VCID-zam7-79x3-ekg3
43
vulnerability VCID-zm75-zwps-h3fv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.0
5
url pkg:maven/org.apache.tomcat/tomcat@5.5.28
purl pkg:maven/org.apache.tomcat/tomcat@5.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9j31-459b-4qbm
1
vulnerability VCID-eawm-8v9w-yfap
2
vulnerability VCID-jfhv-r8ep-ykbm
3
vulnerability VCID-y9yv-u4jh-mqew
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.28
6
url pkg:maven/org.apache.tomcat/tomcat@6.0.0
purl pkg:maven/org.apache.tomcat/tomcat@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2jws-wtvg-2khf
2
vulnerability VCID-2kjh-4r2g-rqe6
3
vulnerability VCID-46sr-9kr3-1ubw
4
vulnerability VCID-4qcn-52ug-mbd5
5
vulnerability VCID-4t2h-jjhm-y7fq
6
vulnerability VCID-5m85-3zyu-7qak
7
vulnerability VCID-6umz-z8db-kqcy
8
vulnerability VCID-6uuq-2a39-yubx
9
vulnerability VCID-74c7-a56p-kufz
10
vulnerability VCID-7787-4bwm-efgq
11
vulnerability VCID-7fh9-36qs-jfg5
12
vulnerability VCID-89e9-m968-vfhe
13
vulnerability VCID-937w-2w2q-7fdy
14
vulnerability VCID-9hm5-e4dw-6ffe
15
vulnerability VCID-9j31-459b-4qbm
16
vulnerability VCID-aar2-398x-p3d8
17
vulnerability VCID-atus-ryef-17h1
18
vulnerability VCID-axzz-cadr-b7fv
19
vulnerability VCID-bv96-e6r9-xka7
20
vulnerability VCID-crhe-rt8j-wycu
21
vulnerability VCID-eawm-8v9w-yfap
22
vulnerability VCID-eygg-nt7y-qubh
23
vulnerability VCID-f4ka-47dk-zffs
24
vulnerability VCID-fu9h-e3jx-abe2
25
vulnerability VCID-fuxz-fqw3-ufa9
26
vulnerability VCID-hmqa-jhuf-hfe2
27
vulnerability VCID-hqzu-shyu-j3hp
28
vulnerability VCID-jfhv-r8ep-ykbm
29
vulnerability VCID-jw6e-g8z9-43ej
30
vulnerability VCID-jzta-navk-87bn
31
vulnerability VCID-kaem-zczd-pyhu
32
vulnerability VCID-kua1-kn4q-7kd2
33
vulnerability VCID-kxc3-vz2c-wqca
34
vulnerability VCID-mj47-ya6v-9kd3
35
vulnerability VCID-n4zk-mdyw-3fcz
36
vulnerability VCID-nmvx-w2sz-2kge
37
vulnerability VCID-nnye-4xbb-kuf5
38
vulnerability VCID-pq53-6deg-abfx
39
vulnerability VCID-pzkk-4e94-aqag
40
vulnerability VCID-qdvn-uc56-6fds
41
vulnerability VCID-qrbz-jgfy-qqhm
42
vulnerability VCID-qz87-x4zb-rud7
43
vulnerability VCID-qzyq-d6qk-67ag
44
vulnerability VCID-rbvf-c791-e7cg
45
vulnerability VCID-rdr4-db3y-p3cz
46
vulnerability VCID-redv-2x5y-8khx
47
vulnerability VCID-s37s-p75k-27e6
48
vulnerability VCID-sk1w-8yt4-93cv
49
vulnerability VCID-t3ya-1w1r-h3dv
50
vulnerability VCID-t4mh-zvhq-27du
51
vulnerability VCID-t57j-pu79-dbbn
52
vulnerability VCID-tc66-7b7t-k7h3
53
vulnerability VCID-tcmv-6ftg-fqen
54
vulnerability VCID-tmjv-jvfy-judb
55
vulnerability VCID-ua64-94fd-ekad
56
vulnerability VCID-uwuf-vukf-cqck
57
vulnerability VCID-vsta-e8jg-4qa8
58
vulnerability VCID-w8uj-zy2r-fyca
59
vulnerability VCID-wg7f-pjmn-uudk
60
vulnerability VCID-wtke-y2cx-x3et
61
vulnerability VCID-xjj5-fy4e-e7ha
62
vulnerability VCID-xra9-q91u-rfd5
63
vulnerability VCID-y9hs-ymcm-3ucx
64
vulnerability VCID-y9yv-u4jh-mqew
65
vulnerability VCID-ypuq-2mr2-sybb
66
vulnerability VCID-yswq-hnqg-sycs
67
vulnerability VCID-yusx-ncpv-sfhg
68
vulnerability VCID-yvcg-96dp-r7e6
69
vulnerability VCID-zam7-79x3-ekg3
70
vulnerability VCID-zm75-zwps-h3fv
71
vulnerability VCID-zrc5-bf77-aygn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0
7
url pkg:maven/org.apache.tomcat/tomcat@6.0.20
purl pkg:maven/org.apache.tomcat/tomcat@6.0.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9j31-459b-4qbm
1
vulnerability VCID-eawm-8v9w-yfap
2
vulnerability VCID-jfhv-r8ep-ykbm
3
vulnerability VCID-y9yv-u4jh-mqew
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.20
References
0
reference_url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
5
reference_url http://marc.info/?l=bugtraq&m=127420533226623&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=127420533226623&w=2
6
reference_url http://marc.info/?l=bugtraq&m=133469267822771&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=133469267822771&w=2
7
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2901.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2901.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2901
reference_id
reference_type
scores
0
value 0.07107
scoring_system epss
scoring_elements 0.91682
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2901
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/55856
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/55856
11
reference_url https://github.com/apache/tomcat
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat
12
reference_url https://github.com/apache/tomcat55/commit/0299cb724ea71f304d54adfcdb950f59b01fb421
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat55/commit/0299cb724ea71f304d54adfcdb950f59b01fb421
13
reference_url https://github.com/apache/tomcat/commit/3e1010b1a2f648581fac3d68afbf18f2979f6bf6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/3e1010b1a2f648581fac3d68afbf18f2979f6bf6
14
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
19
reference_url https://svn.apache.org/viewvc?view=rev&rev=892815
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=892815
20
reference_url https://svn.apache.org/viewvc?view=rev&rev=902650
reference_id
reference_type
scores
url https://svn.apache.org/viewvc?view=rev&rev=902650
21
reference_url http://support.apple.com/kb/HT4077
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT4077
22
reference_url http://svn.apache.org/viewvc?rev=892815&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?rev=892815&view=rev
23
reference_url http://svn.apache.org/viewvc?rev=902650&view=rev
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?rev=902650&view=rev
24
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
25
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
26
reference_url http://ubuntu.com/usn/usn-899-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-899-1
27
reference_url http://www.vmware.com/security/advisories/VMSA-2011-0003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2011-0003.html
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=559742
reference_id 559742
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=559742
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
reference_id CVE-2009-2901
reference_type
scores
0
value Low
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-2901
reference_id CVE-2009-2901
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-2901
31
reference_url https://github.com/advisories/GHSA-hjfh-7c4v-7q8h
reference_id GHSA-hjfh-7c4v-7q8h
reference_type
scores
url https://github.com/advisories/GHSA-hjfh-7c4v-7q8h
32
reference_url https://security.gentoo.org/glsa/201206-24
reference_id GLSA-201206-24
reference_type
scores
url https://security.gentoo.org/glsa/201206-24
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 287
name Improper Authentication
description When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Exploits
Severity_range_score0.1 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-eawm-8v9w-yfap