{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47896?format=json","vulnerability_id":"VCID-bk88-51w4-mfcn","summary":"Multiple vulnerabilities have been found in Apache Tomcat, the\n    worst of which could lead to privilege escalation.","aliases":[{"alias":"CVE-2016-1240"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035997?format=json","purl":"pkg:deb/debian/tomcat7@7.0.56-3%2Bdeb8u11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat7@7.0.56-3%252Bdeb8u11"},{"url":"http://public2.vulnerablecode.io/api/packages/1035659?format=json","purl":"pkg:deb/debian/tomcat8@8.0.14-1%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sbh-sy57-3uez"},{"vulnerability":"VCID-aeeu-fpay-wufz"},{"vulnerability":"VCID-arkn-bca7-hqam"},{"vulnerability":"VCID-dzpn-w4b3-vbcm"},{"vulnerability":"VCID-eb37-mkxf-7fgw"},{"vulnerability":"VCID-enaj-f97c-jbh7"},{"vulnerability":"VCID-f77q-v5xp-e7dy"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g7bk-891a-uufy"},{"vulnerability":"VCID-m2zn-ja8d-7kg8"},{"vulnerability":"VCID-n3zn-tuck-gkfe"},{"vulnerability":"VCID-rq42-qvsy-hue6"},{"vulnerability":"VCID-ruuh-g3fa-m7d8"},{"vulnerability":"VCID-wbaq-j85q-y3c6"},{"vulnerability":"VCID-xshb-a2kb-c7gs"},{"vulnerability":"VCID-yfx4-4gsc-2kgh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1%252Bdeb8u11"},{"url":"http://public2.vulnerablecode.io/api/packages/77284?format=json","purl":"pkg:ebuild/www-servers/tomcat@7.0.70","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@7.0.70"},{"url":"http://public2.vulnerablecode.io/api/packages/77285?format=json","purl":"pkg:ebuild/www-servers/tomcat@8.0.36","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@8.0.36"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035994?format=json","purl":"pkg:deb/debian/tomcat7@7.0.28-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-1k8f-vsg1-k3d6"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-68fk-4g86-ekbp"},{"vulnerability":"VCID-7cpu-h5fr-8ffd"},{"vulnerability":"VCID-866s-u6mh-1qh2"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-9exq-fhv6-bbea"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-ce78-p29q-4khb"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g45v-nvj6-ekat"},{"vulnerability":"VCID-hmbm-5ysw-77bu"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"},{"vulnerability":"VCID-m1zd-uytj-3bej"},{"vulnerability":"VCID-p6ch-pc73-b3ck"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-qrpd-nsdz-3ba5"},{"vulnerability":"VCID-tfrs-d458-tfaq"},{"vulnerability":"VCID-vhjj-dnft-kkf4"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat7@7.0.28-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035995?format=json","purl":"pkg:deb/debian/tomcat7@7.0.56-1~bpo70%2B3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-1k8f-vsg1-k3d6"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-68fk-4g86-ekbp"},{"vulnerability":"VCID-7cpu-h5fr-8ffd"},{"vulnerability":"VCID-866s-u6mh-1qh2"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-9exq-fhv6-bbea"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-ce78-p29q-4khb"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g45v-nvj6-ekat"},{"vulnerability":"VCID-hmbm-5ysw-77bu"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"},{"vulnerability":"VCID-m1zd-uytj-3bej"},{"vulnerability":"VCID-p6ch-pc73-b3ck"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-qrpd-nsdz-3ba5"},{"vulnerability":"VCID-tfrs-d458-tfaq"},{"vulnerability":"VCID-vhjj-dnft-kkf4"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat7@7.0.56-1~bpo70%252B3"},{"url":"http://public2.vulnerablecode.io/api/packages/1035996?format=json","purl":"pkg:deb/debian/tomcat7@7.0.56-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-1k8f-vsg1-k3d6"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-68fk-4g86-ekbp"},{"vulnerability":"VCID-7cpu-h5fr-8ffd"},{"vulnerability":"VCID-866s-u6mh-1qh2"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-9exq-fhv6-bbea"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-ce78-p29q-4khb"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g45v-nvj6-ekat"},{"vulnerability":"VCID-hmbm-5ysw-77bu"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"},{"vulnerability":"VCID-m1zd-uytj-3bej"},{"vulnerability":"VCID-p6ch-pc73-b3ck"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-qrpd-nsdz-3ba5"},{"vulnerability":"VCID-tfrs-d458-tfaq"},{"vulnerability":"VCID-vhjj-dnft-kkf4"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat7@7.0.56-3"},{"url":"http://public2.vulnerablecode.io/api/packages/1035657?format=json","purl":"pkg:deb/debian/tomcat8@8.0.14-1~bpo70%2B2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-1k8f-vsg1-k3d6"},{"vulnerability":"VCID-2sbh-sy57-3uez"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-68fk-4g86-ekbp"},{"vulnerability":"VCID-7cpu-h5fr-8ffd"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-9exq-fhv6-bbea"},{"vulnerability":"VCID-aeeu-fpay-wufz"},{"vulnerability":"VCID-arkn-bca7-hqam"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-ce78-p29q-4khb"},{"vulnerability":"VCID-dzpn-w4b3-vbcm"},{"vulnerability":"VCID-eb37-mkxf-7fgw"},{"vulnerability":"VCID-enaj-f97c-jbh7"},{"vulnerability":"VCID-f77q-v5xp-e7dy"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g45v-nvj6-ekat"},{"vulnerability":"VCID-g7bk-891a-uufy"},{"vulnerability":"VCID-hmbm-5ysw-77bu"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-kp65-9ap8-yuau"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"},{"vulnerability":"VCID-m1zd-uytj-3bej"},{"vulnerability":"VCID-m2zn-ja8d-7kg8"},{"vulnerability":"VCID-n3zn-tuck-gkfe"},{"vulnerability":"VCID-p6ch-pc73-b3ck"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-qrpd-nsdz-3ba5"},{"vulnerability":"VCID-rq42-qvsy-hue6"},{"vulnerability":"VCID-ruuh-g3fa-m7d8"},{"vulnerability":"VCID-tfrs-d458-tfaq"},{"vulnerability":"VCID-vhjj-dnft-kkf4"},{"vulnerability":"VCID-wbaq-j85q-y3c6"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"},{"vulnerability":"VCID-xshb-a2kb-c7gs"},{"vulnerability":"VCID-yfx4-4gsc-2kgh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1~bpo70%252B2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035658?format=json","purl":"pkg:deb/debian/tomcat8@8.0.14-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-1k8f-vsg1-k3d6"},{"vulnerability":"VCID-2sbh-sy57-3uez"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-68fk-4g86-ekbp"},{"vulnerability":"VCID-7cpu-h5fr-8ffd"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-9exq-fhv6-bbea"},{"vulnerability":"VCID-aeeu-fpay-wufz"},{"vulnerability":"VCID-arkn-bca7-hqam"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-ce78-p29q-4khb"},{"vulnerability":"VCID-dzpn-w4b3-vbcm"},{"vulnerability":"VCID-eb37-mkxf-7fgw"},{"vulnerability":"VCID-enaj-f97c-jbh7"},{"vulnerability":"VCID-f77q-v5xp-e7dy"},{"vulnerability":"VCID-fyfz-6tr5-2fc7"},{"vulnerability":"VCID-g45v-nvj6-ekat"},{"vulnerability":"VCID-g7bk-891a-uufy"},{"vulnerability":"VCID-hmbm-5ysw-77bu"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-kp65-9ap8-yuau"},{"vulnerability":"VCID-kyb8-rvyw-s7b1"},{"vulnerability":"VCID-m1zd-uytj-3bej"},{"vulnerability":"VCID-m2zn-ja8d-7kg8"},{"vulnerability":"VCID-n3zn-tuck-gkfe"},{"vulnerability":"VCID-p6ch-pc73-b3ck"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-qrpd-nsdz-3ba5"},{"vulnerability":"VCID-rq42-qvsy-hue6"},{"vulnerability":"VCID-ruuh-g3fa-m7d8"},{"vulnerability":"VCID-tfrs-d458-tfaq"},{"vulnerability":"VCID-vhjj-dnft-kkf4"},{"vulnerability":"VCID-wbaq-j85q-y3c6"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"},{"vulnerability":"VCID-xshb-a2kb-c7gs"},{"vulnerability":"VCID-yfx4-4gsc-2kgh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tomcat8@8.0.14-1"},{"url":"http://public2.vulnerablecode.io/api/packages/113490?format=json","purl":"pkg:rpm/redhat/hibernate4-eap6@4.2.23-1.Final_redhat_1.1.ep6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate4-eap6@4.2.23-1.Final_redhat_1.1.ep6%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113493?format=json","purl":"pkg:rpm/redhat/hibernate4-eap6@4.2.23-1.Final_redhat_1.1.ep6?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hibernate4-eap6@4.2.23-1.Final_redhat_1.1.ep6%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113487?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24@1-3.jbcs?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-33f9-ps96-9bfz"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-snj8-2smt-3kdv"},{"vulnerability":"VCID-vqe4-4q4r-aybe"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"},{"vulnerability":"VCID-y2dr-h2d9-xbaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24@1-3.jbcs%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113486?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24@1-3.jbcs?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-33f9-ps96-9bfz"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-snj8-2smt-3kdv"},{"vulnerability":"VCID-vqe4-4q4r-aybe"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"},{"vulnerability":"VCID-y2dr-h2d9-xbaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24@1-3.jbcs%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113489?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.0.15-1.redhat_2.1.jbcs?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.0.15-1.redhat_2.1.jbcs%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113488?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.0.15-1.redhat_2.1.jbcs?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon@1.0.15-1.redhat_2.1.jbcs%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113499?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1:1.0.15-17.redhat_2.jbcs?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1:1.0.15-17.redhat_2.jbcs%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113498?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1:1.0.15-17.redhat_2.jbcs?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apache-commons-daemon-jsvc@1:1.0.15-17.redhat_2.jbcs%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113496?format=json","purl":"pkg:rpm/redhat/mod_cluster@1.3.5-2.Final_redhat_2.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_cluster@1.3.5-2.Final_redhat_2.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113494?format=json","purl":"pkg:rpm/redhat/mod_cluster@1.3.5-2.Final_redhat_2.1.ep7?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_cluster@1.3.5-2.Final_redhat_2.1.ep7%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113492?format=json","purl":"pkg:rpm/redhat/tomcat7@7.0.70-16.ep7?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.70-16.ep7%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113491?format=json","purl":"pkg:rpm/redhat/tomcat7@7.0.70-16.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.70-16.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113481?format=json","purl":"pkg:rpm/redhat/tomcat8@8.0.36-17.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat8@8.0.36-17.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113495?format=json","purl":"pkg:rpm/redhat/tomcat8@8.0.36-17.ep7?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat8@8.0.36-17.ep7%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113482?format=json","purl":"pkg:rpm/redhat/tomcat-native@1.2.8-9.redhat_9.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-native@1.2.8-9.redhat_9.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113484?format=json","purl":"pkg:rpm/redhat/tomcat-native@1.2.8-9.redhat_9.ep7?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-native@1.2.8-9.redhat_9.ep7%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/113483?format=json","purl":"pkg:rpm/redhat/tomcat-vault@1.0.8-9.Final_redhat_2.1.ep7?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-vault@1.0.8-9.Final_redhat_2.1.ep7%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/113485?format=json","purl":"pkg:rpm/redhat/tomcat-vault@1.0.8-9.Final_redhat_2.1.ep7?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18q4-zark-s7a7"},{"vulnerability":"VCID-3cr9-g81m-4ugy"},{"vulnerability":"VCID-3n4t-bvb1-5qer"},{"vulnerability":"VCID-3r3s-q21j-c3au"},{"vulnerability":"VCID-95d1-arxd-hkd1"},{"vulnerability":"VCID-bk88-51w4-mfcn"},{"vulnerability":"VCID-hves-r5bg-yfes"},{"vulnerability":"VCID-kagr-74d9-kyhx"},{"vulnerability":"VCID-msy8-g5w8-afbd"},{"vulnerability":"VCID-pqxe-tfhk-47b7"},{"vulnerability":"VCID-xf8r-kqxb-7qdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat-vault@1.0.8-9.Final_redhat_2.1.ep7%3Farch=el6"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1240.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1240","reference_id":"","reference_type":"","scores":[{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95752","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95762","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95769","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95772","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.9578","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95783","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95787","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95788","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95803","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95804","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95807","published_at":"2026-04-29T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95819","published_at":"2026-05-05T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.9582","published_at":"2026-05-07T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95826","published_at":"2026-05-09T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95831","published_at":"2026-05-11T12:55:00Z"},{"value":"0.22085","scoring_system":"epss","scoring_elements":"0.95835","published_at":"2026-05-12T12:55:00Z"},{"value":"0.22216","scoring_system":"epss","scoring_elements":"0.95866","published_at":"2026-05-14T12:55:00Z"},{"value":"0.22216","scoring_system":"epss","scoring_elements":"0.95867","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1240"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1376712","reference_id":"1376712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1376712"},{"reference_url":"http://legalhackers.com/advisories/Tomcat-DebPkgs-Root-Privilege-Escalation-Exploit-CVE-2016-1240.html","reference_id":"CVE-2016-1240","reference_type":"exploit","scores":[],"url":"http://legalhackers.com/advisories/Tomcat-DebPkgs-Root-Privilege-Escalation-Exploit-CVE-2016-1240.html"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40450.txt","reference_id":"CVE-2016-1240","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40450.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0457","reference_id":"RHSA-2017:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0457"},{"reference_url":"https://usn.ubuntu.com/3081-1/","reference_id":"USN-3081-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3081-1/"},{"reference_url":"https://usn.ubuntu.com/3081-2/","reference_id":"USN-3081-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3081-2/"}],"weaknesses":[{"cwe_id":284,"name":"Improper Access Control","description":"The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor."}],"exploits":[{"date_added":"2016-10-03","description":"Apache Tomcat 8/7/6 (Debian-Based Distros) - Local Privilege Escalation","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2016-10-03","exploit_type":"local","platform":"linux","source_date_updated":"2016-10-03","data_source":"Exploit-DB","source_url":"http://legalhackers.com/advisories/Tomcat-DebPkgs-Root-Privilege-Escalation-Exploit-CVE-2016-1240.html"},{"date_added":null,"description":"Tomcat (6, 7, 8) packages provided by default repositories on Debian-based\n          distributions (including Debian, Ubuntu etc.) provide a vulnerable\n          tomcat init script that allows local attackers who have already gained access\n          to the tomcat account (for example, by exploiting an RCE vulnerability\n          in a java web application hosted on Tomcat, uploading a webshell etc.) to\n          escalate their privileges from tomcat user to root and fully compromise the\n          target system.\n\n          Tested against Tomcat 8.0.32-1ubuntu1.1 on Ubuntu 16.04","required_action":null,"due_date":null,"notes":"Stability:\n  - crash-safe\nReliability:\n  - repeatable-session\nSideEffects:\n  - artifacts-on-disk\n  - config-changes\n  - ioc-in-logs\n","known_ransomware_campaign_use":false,"source_date_published":"2016-09-30","exploit_type":null,"platform":"Linux","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/local/tomcat_ubuntu_log_init_priv_esc.rb"}],"severity_range_score":"7.0 - 7.0","exploitability":"2.0","weighted_severity":"6.3","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bk88-51w4-mfcn"}