{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4862?format=json","vulnerability_id":"VCID-fvvt-kufu-k3a6","summary":"Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a \"synchronization problem\" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.","aliases":[{"alias":"CVE-2008-3271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1528?format=json","purl":"pkg:apache/tomcat@4.1.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8w1a-ww52-x7em"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.32"},{"url":"http://public2.vulnerablecode.io/api/packages/1504?format=json","purl":"pkg:apache/tomcat@5.5.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1510?format=json","purl":"pkg:apache/tomcat@4.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-27q8-96un-9fbk"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-4rcx-xfn5-7kdb"},{"vulnerability":"VCID-6epr-2hbd-skcz"},{"vulnerability":"VCID-6p3e-4u8s-17ep"},{"vulnerability":"VCID-7969-7a8h-zyhh"},{"vulnerability":"VCID-87p8-zvvf-y7dm"},{"vulnerability":"VCID-88v7-kc2y-bfd7"},{"vulnerability":"VCID-99es-8ecb-uub8"},{"vulnerability":"VCID-a9cu-fxqw-xkdg"},{"vulnerability":"VCID-acmu-9eqb-fya5"},{"vulnerability":"VCID-afg3-t31c-ffgp"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-bung-pa58-ayfv"},{"vulnerability":"VCID-dcrp-rae1-zfcm"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-j2sv-62js-xbav"},{"vulnerability":"VCID-mnf8-t3ew-4fgb"},{"vulnerability":"VCID-mp3r-5531-uqg5"},{"vulnerability":"VCID-p45v-qpgg-qqfj"},{"vulnerability":"VCID-peya-mr7j-vugf"},{"vulnerability":"VCID-q7jp-hn4a-4kec"},{"vulnerability":"VCID-qdck-q54n-rkcv"},{"vulnerability":"VCID-qxkf-4ddv-j3b7"},{"vulnerability":"VCID-r1bk-cqhx-ebc5"},{"vulnerability":"VCID-r84b-7ay9-ekcm"},{"vulnerability":"VCID-ssnx-gz8e-87ab"},{"vulnerability":"VCID-tcju-3rvu-wkht"},{"vulnerability":"VCID-v94p-bxm3-akfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1532?format=json","purl":"pkg:apache/tomcat@4.1.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-86ur-vudp-4yc2"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-q7jp-hn4a-4kec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@4.1.31"},{"url":"http://public2.vulnerablecode.io/api/packages/1433?format=json","purl":"pkg:apache/tomcat@5.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-1qt3-ctae-sfgw"},{"vulnerability":"VCID-241m-q6vd-kudk"},{"vulnerability":"VCID-27q8-96un-9fbk"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-4rcx-xfn5-7kdb"},{"vulnerability":"VCID-6epr-2hbd-skcz"},{"vulnerability":"VCID-6p3e-4u8s-17ep"},{"vulnerability":"VCID-7969-7a8h-zyhh"},{"vulnerability":"VCID-7kjm-p97s-zuh8"},{"vulnerability":"VCID-86ur-vudp-4yc2"},{"vulnerability":"VCID-87p8-zvvf-y7dm"},{"vulnerability":"VCID-88v7-kc2y-bfd7"},{"vulnerability":"VCID-a9cu-fxqw-xkdg"},{"vulnerability":"VCID-acmu-9eqb-fya5"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-bung-pa58-ayfv"},{"vulnerability":"VCID-d9ys-kxh6-nkgr"},{"vulnerability":"VCID-dcrp-rae1-zfcm"},{"vulnerability":"VCID-dhun-hj5q-dfch"},{"vulnerability":"VCID-f2zy-gq57-ufat"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-g998-xymt-fudu"},{"vulnerability":"VCID-hhk9-cr54-8fgc"},{"vulnerability":"VCID-mctd-9zgv-5qgp"},{"vulnerability":"VCID-mnf8-t3ew-4fgb"},{"vulnerability":"VCID-n76n-ywja-rbhh"},{"vulnerability":"VCID-peya-mr7j-vugf"},{"vulnerability":"VCID-q7jp-hn4a-4kec"},{"vulnerability":"VCID-qdck-q54n-rkcv"},{"vulnerability":"VCID-quwu-ep21-cyew"},{"vulnerability":"VCID-qxkf-4ddv-j3b7"},{"vulnerability":"VCID-r84b-7ay9-ekcm"},{"vulnerability":"VCID-skar-qk57-qkdv"},{"vulnerability":"VCID-su1y-2bxh-9qe2"},{"vulnerability":"VCID-tcju-3rvu-wkht"},{"vulnerability":"VCID-tfn5-6ckq-wyce"},{"vulnerability":"VCID-v94p-bxm3-akfd"},{"vulnerability":"VCID-vm4b-26sq-tfev"},{"vulnerability":"VCID-wsn2-pd9b-b3g8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1513?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@4.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-27q8-96un-9fbk"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-4rcx-xfn5-7kdb"},{"vulnerability":"VCID-6epr-2hbd-skcz"},{"vulnerability":"VCID-6p3e-4u8s-17ep"},{"vulnerability":"VCID-7969-7a8h-zyhh"},{"vulnerability":"VCID-87p8-zvvf-y7dm"},{"vulnerability":"VCID-88v7-kc2y-bfd7"},{"vulnerability":"VCID-99es-8ecb-uub8"},{"vulnerability":"VCID-a9cu-fxqw-xkdg"},{"vulnerability":"VCID-acmu-9eqb-fya5"},{"vulnerability":"VCID-afg3-t31c-ffgp"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-bung-pa58-ayfv"},{"vulnerability":"VCID-dcrp-rae1-zfcm"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-j2sv-62js-xbav"},{"vulnerability":"VCID-mnf8-t3ew-4fgb"},{"vulnerability":"VCID-mp3r-5531-uqg5"},{"vulnerability":"VCID-p45v-qpgg-qqfj"},{"vulnerability":"VCID-peya-mr7j-vugf"},{"vulnerability":"VCID-q7jp-hn4a-4kec"},{"vulnerability":"VCID-qdck-q54n-rkcv"},{"vulnerability":"VCID-qxkf-4ddv-j3b7"},{"vulnerability":"VCID-r1bk-cqhx-ebc5"},{"vulnerability":"VCID-r84b-7ay9-ekcm"},{"vulnerability":"VCID-rwvj-tq6x-2ubs"},{"vulnerability":"VCID-ssnx-gz8e-87ab"},{"vulnerability":"VCID-tcju-3rvu-wkht"},{"vulnerability":"VCID-v94p-bxm3-akfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1533?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@4.1.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-86ur-vudp-4yc2"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-g5zu-bvtd-vua4"},{"vulnerability":"VCID-q7jp-hn4a-4kec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@4.1.31"},{"url":"http://public2.vulnerablecode.io/api/packages/1436?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@5.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12du-1vyt-bkgx"},{"vulnerability":"VCID-18j8-kwdv-dyak"},{"vulnerability":"VCID-1qt3-ctae-sfgw"},{"vulnerability":"VCID-1v6c-f56v-hqh1"},{"vulnerability":"VCID-241m-q6vd-kudk"},{"vulnerability":"VCID-27q8-96un-9fbk"},{"vulnerability":"VCID-2jnv-segx-zkfd"},{"vulnerability":"VCID-4rcx-xfn5-7kdb"},{"vulnerability":"VCID-6epr-2hbd-skcz"},{"vulnerability":"VCID-6p3e-4u8s-17ep"},{"vulnerability":"VCID-7969-7a8h-zyhh"},{"vulnerability":"VCID-7kjm-p97s-zuh8"},{"vulnerability":"VCID-86ur-vudp-4yc2"},{"vulnerability":"VCID-87p8-zvvf-y7dm"},{"vulnerability":"VCID-88v7-kc2y-bfd7"},{"vulnerability":"VCID-8ebv-6941-jqdy"},{"vulnerability":"VCID-a9cu-fxqw-xkdg"},{"vulnerability":"VCID-acmu-9eqb-fya5"},{"vulnerability":"VCID-bhq7-d545-27bj"},{"vulnerability":"VCID-bung-pa58-ayfv"},{"vulnerability":"VCID-d9ys-kxh6-nkgr"},{"vulnerability":"VCID-dcrp-rae1-zfcm"},{"vulnerability":"VCID-dhun-hj5q-dfch"},{"vulnerability":"VCID-egye-da2v-4ybh"},{"vulnerability":"VCID-f2zy-gq57-ufat"},{"vulnerability":"VCID-fvvt-kufu-k3a6"},{"vulnerability":"VCID-g7eg-s99s-xqe7"},{"vulnerability":"VCID-g998-xymt-fudu"},{"vulnerability":"VCID-hhk9-cr54-8fgc"},{"vulnerability":"VCID-mctd-9zgv-5qgp"},{"vulnerability":"VCID-mnf8-t3ew-4fgb"},{"vulnerability":"VCID-n76n-ywja-rbhh"},{"vulnerability":"VCID-peya-mr7j-vugf"},{"vulnerability":"VCID-q7jp-hn4a-4kec"},{"vulnerability":"VCID-qdck-q54n-rkcv"},{"vulnerability":"VCID-quwu-ep21-cyew"},{"vulnerability":"VCID-qxkf-4ddv-j3b7"},{"vulnerability":"VCID-r5rc-rdd9-bfbk"},{"vulnerability":"VCID-r84b-7ay9-ekcm"},{"vulnerability":"VCID-rrdj-ssn7-zfdj"},{"vulnerability":"VCID-rwvj-tq6x-2ubs"},{"vulnerability":"VCID-skar-qk57-qkdv"},{"vulnerability":"VCID-su1y-2bxh-9qe2"},{"vulnerability":"VCID-tcju-3rvu-wkht"},{"vulnerability":"VCID-tfn5-6ckq-wyce"},{"vulnerability":"VCID-v94p-bxm3-akfd"},{"vulnerability":"VCID-vm4b-26sq-tfev"},{"vulnerability":"VCID-wsn2-pd9b-b3g8"},{"vulnerability":"VCID-zbbr-wded-9ffj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.0"}],"references":[{"reference_url":"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000069.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000069.html"},{"reference_url":"http://jvn.jp/en/jp/JVN30732239/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvn.jp/en/jp/JVN30732239/index.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3271.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3271","reference_id":"","reference_type":"","scores":[{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88966","published_at":"2026-05-14T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.8882","published_at":"2026-04-01T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88938","published_at":"2026-05-11T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88947","published_at":"2026-05-12T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88829","published_at":"2026-04-02T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88864","published_at":"2026-04-08T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.8887","published_at":"2026-04-09T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88881","published_at":"2026-04-11T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88876","published_at":"2026-04-13T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88889","published_at":"2026-04-16T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88884","published_at":"2026-04-21T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88901","published_at":"2026-04-24T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88907","published_at":"2026-04-26T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88908","published_at":"2026-04-29T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88916","published_at":"2026-05-05T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88932","published_at":"2026-05-07T12:55:00Z"},{"value":"0.043","scoring_system":"epss","scoring_elements":"0.88944","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3271"},{"reference_url":"http://secunia.com/advisories/32213","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32213"},{"reference_url":"http://secunia.com/advisories/32234","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32234"},{"reference_url":"http://secunia.com/advisories/32398","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32398"},{"reference_url":"http://secunia.com/advisories/35684","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35684"},{"reference_url":"http://securityreason.com/securityalert/4396","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/4396"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45791","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45791"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=25835","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=25835"},{"reference_url":"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"http://tomcat.apache.org/security-4.html","reference_id":"","reference_type":"","scores":[],"url":"http://tomcat.apache.org/security-4.html"},{"reference_url":"http://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[],"url":"http://tomcat.apache.org/security-5.html"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200806e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200806e.html"},{"reference_url":"http://www.nec.co.jp/security-info/secinfo/nv09-006.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.nec.co.jp/security-info/secinfo/nv09-006.html"},{"reference_url":"http://www.securityfocus.com/archive/1/497220/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/497220/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/31698","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31698"},{"reference_url":"http://www.securitytracker.com/id?1021039","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1021039"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2793","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2793"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2800","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2800"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1818","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1818"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=466875","reference_id":"466875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=466875"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271","reference_id":"CVE-2008-3271","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3271","reference_id":"CVE-2008-3271","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3271"}],"weaknesses":[{"cwe_id":264,"name":"Permissions, Privileges, and Access Controls","description":"Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control."}],"exploits":[],"severity_range_score":"0.1 - 4.3","exploitability":"0.5","weighted_severity":"3.9","risk_score":1.9,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvvt-kufu-k3a6"}