Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nmvx-w2sz-2kge

Summary

Aliases

alias	CVE-2007-3386

Fixed_packages

url pkg:apache/tomcat@5.5.25

purl pkg:apache/tomcat@5.5.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bv96-e6r9-xka7

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-qdvn-uc56-6fds

vulnerability	VCID-qzyq-d6qk-67ag

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.25

url pkg:apache/tomcat@6.0.14

purl pkg:apache/tomcat@6.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-qdvn-uc56-6fds

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.14

Affected_packages

url pkg:apache/tomcat@5.5.0

purl pkg:apache/tomcat@5.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19dy-a2qt-9qdt

vulnerability	VCID-24v5-jpna-rqg9

vulnerability	VCID-2af1-rv9j-jugv

vulnerability	VCID-2jws-wtvg-2khf

vulnerability	VCID-4t2h-jjhm-y7fq

vulnerability	VCID-7787-4bwm-efgq

vulnerability	VCID-89e9-m968-vfhe

vulnerability	VCID-96kt-5j22-pqg7

vulnerability	VCID-9j31-459b-4qbm

vulnerability	VCID-aar2-398x-p3d8

vulnerability	VCID-cqz2-4njt-g3da

vulnerability	VCID-crhe-rt8j-wycu

vulnerability	VCID-eawm-8v9w-yfap

vulnerability	VCID-eygg-nt7y-qubh

vulnerability	VCID-fu9h-e3jx-abe2

vulnerability	VCID-hmqa-jhuf-hfe2

vulnerability	VCID-jfhv-r8ep-ykbm

vulnerability	VCID-jw6e-g8z9-43ej

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-kua1-kn4q-7kd2

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-pzkk-4e94-aqag

vulnerability	VCID-qdvn-uc56-6fds

vulnerability	VCID-qrbz-jgfy-qqhm

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-rbvf-c791-e7cg

vulnerability	VCID-rdr4-db3y-p3cz

vulnerability	VCID-rp5z-q8an-e3az

vulnerability	VCID-t4mh-zvhq-27du

vulnerability	VCID-ua64-94fd-ekad

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w6ay-nzvg-zbff

vulnerability	VCID-w8uj-zy2r-fyca

vulnerability	VCID-wg7f-pjmn-uudk

vulnerability	VCID-y9yv-u4jh-mqew

vulnerability	VCID-ypuq-2mr2-sybb

vulnerability	VCID-yvcg-96dp-r7e6

vulnerability	VCID-zam7-79x3-ekg3

vulnerability	VCID-zm75-zwps-h3fv

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.0

url pkg:apache/tomcat@5.5.24

purl pkg:apache/tomcat@5.5.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w8uj-zy2r-fyca

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.24

url pkg:apache/tomcat@6.0.0

purl pkg:apache/tomcat@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1a1b-3pdg-jbfq

vulnerability	VCID-2jws-wtvg-2khf

vulnerability	VCID-2kjh-4r2g-rqe6

vulnerability	VCID-4qcn-52ug-mbd5

vulnerability	VCID-4t2h-jjhm-y7fq

vulnerability	VCID-5m85-3zyu-7qak

vulnerability	VCID-6umz-z8db-kqcy

vulnerability	VCID-6uuq-2a39-yubx

vulnerability	VCID-7787-4bwm-efgq

vulnerability	VCID-7fh9-36qs-jfg5

vulnerability	VCID-89e9-m968-vfhe

vulnerability	VCID-937w-2w2q-7fdy

vulnerability	VCID-9j31-459b-4qbm

vulnerability	VCID-aar2-398x-p3d8

vulnerability	VCID-axzz-cadr-b7fv

vulnerability	VCID-bv96-e6r9-xka7

vulnerability	VCID-crhe-rt8j-wycu

vulnerability	VCID-eawm-8v9w-yfap

vulnerability	VCID-eygg-nt7y-qubh

vulnerability	VCID-f4ka-47dk-zffs

vulnerability	VCID-fu9h-e3jx-abe2

vulnerability	VCID-hmqa-jhuf-hfe2

vulnerability	VCID-hqzu-shyu-j3hp

vulnerability	VCID-jfhv-r8ep-ykbm

vulnerability	VCID-jw6e-g8z9-43ej

vulnerability	VCID-jzta-navk-87bn

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-kua1-kn4q-7kd2

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-mj47-ya6v-9kd3

vulnerability	VCID-n4zk-mdyw-3fcz

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-nnye-4xbb-kuf5

vulnerability	VCID-pq53-6deg-abfx

vulnerability	VCID-pzkk-4e94-aqag

vulnerability	VCID-qdvn-uc56-6fds

vulnerability	VCID-qrbz-jgfy-qqhm

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-qzyq-d6qk-67ag

vulnerability	VCID-rbvf-c791-e7cg

vulnerability	VCID-rdr4-db3y-p3cz

vulnerability	VCID-s37s-p75k-27e6

vulnerability	VCID-sk1w-8yt4-93cv

vulnerability	VCID-t4mh-zvhq-27du

vulnerability	VCID-t57j-pu79-dbbn

vulnerability	VCID-tc66-7b7t-k7h3

vulnerability	VCID-tcmv-6ftg-fqen

vulnerability	VCID-tmjv-jvfy-judb

vulnerability	VCID-ua64-94fd-ekad

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-vsta-e8jg-4qa8

vulnerability	VCID-w8uj-zy2r-fyca

vulnerability	VCID-wg7f-pjmn-uudk

vulnerability	VCID-xjj5-fy4e-e7ha

vulnerability	VCID-xra9-q91u-rfd5

vulnerability	VCID-y9hs-ymcm-3ucx

vulnerability	VCID-y9yv-u4jh-mqew

vulnerability	VCID-ypuq-2mr2-sybb

vulnerability	VCID-yswq-hnqg-sycs

vulnerability	VCID-yusx-ncpv-sfhg

vulnerability	VCID-yvcg-96dp-r7e6

vulnerability	VCID-zam7-79x3-ekg3

vulnerability	VCID-zm75-zwps-h3fv

vulnerability	VCID-zrc5-bf77-aygn

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.0

url pkg:apache/tomcat@6.0.13

purl pkg:apache/tomcat@6.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w8uj-zy2r-fyca

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.13

url pkg:maven/org.apache.tomcat/tomcat@5.5.0

purl pkg:maven/org.apache.tomcat/tomcat@5.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19dy-a2qt-9qdt

vulnerability	VCID-24v5-jpna-rqg9

vulnerability	VCID-2af1-rv9j-jugv

vulnerability	VCID-2jws-wtvg-2khf

vulnerability	VCID-46sr-9kr3-1ubw

vulnerability	VCID-4t2h-jjhm-y7fq

vulnerability	VCID-74c7-a56p-kufz

vulnerability	VCID-7787-4bwm-efgq

vulnerability	VCID-89e9-m968-vfhe

vulnerability	VCID-96kt-5j22-pqg7

vulnerability	VCID-9hm5-e4dw-6ffe

vulnerability	VCID-9j31-459b-4qbm

vulnerability	VCID-9tsr-9tv5-5kb7

vulnerability	VCID-aar2-398x-p3d8

vulnerability	VCID-cqz2-4njt-g3da

vulnerability	VCID-crhe-rt8j-wycu

vulnerability	VCID-dnsu-tqgt-audm

vulnerability	VCID-eawm-8v9w-yfap

vulnerability	VCID-eygg-nt7y-qubh

vulnerability	VCID-fu9h-e3jx-abe2

vulnerability	VCID-hmqa-jhuf-hfe2

vulnerability	VCID-jfhv-r8ep-ykbm

vulnerability	VCID-jw6e-g8z9-43ej

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-kua1-kn4q-7kd2

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-phm8-b2ym-rqd5

vulnerability	VCID-pzkk-4e94-aqag

vulnerability	VCID-qdvn-uc56-6fds

vulnerability	VCID-qrbz-jgfy-qqhm

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-rbvf-c791-e7cg

vulnerability	VCID-rdr4-db3y-p3cz

vulnerability	VCID-rp5z-q8an-e3az

vulnerability	VCID-t4mh-zvhq-27du

vulnerability	VCID-ua64-94fd-ekad

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w6ay-nzvg-zbff

vulnerability	VCID-w8uj-zy2r-fyca

vulnerability	VCID-wg7f-pjmn-uudk

vulnerability	VCID-wtke-y2cx-x3et

vulnerability	VCID-y9yv-u4jh-mqew

vulnerability	VCID-ypuq-2mr2-sybb

vulnerability	VCID-yvcg-96dp-r7e6

vulnerability	VCID-zam7-79x3-ekg3

vulnerability	VCID-zm75-zwps-h3fv

vulnerability	VCID-zuee-5t4z-47he

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.0

url pkg:maven/org.apache.tomcat/tomcat@5.5.24

purl pkg:maven/org.apache.tomcat/tomcat@5.5.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w8uj-zy2r-fyca

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.24

url pkg:maven/org.apache.tomcat/tomcat@6.0.0

purl pkg:maven/org.apache.tomcat/tomcat@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1a1b-3pdg-jbfq

vulnerability	VCID-2jws-wtvg-2khf

vulnerability	VCID-2kjh-4r2g-rqe6

vulnerability	VCID-46sr-9kr3-1ubw

vulnerability	VCID-4qcn-52ug-mbd5

vulnerability	VCID-4t2h-jjhm-y7fq

vulnerability	VCID-5m85-3zyu-7qak

vulnerability	VCID-6umz-z8db-kqcy

vulnerability	VCID-6uuq-2a39-yubx

vulnerability	VCID-74c7-a56p-kufz

vulnerability	VCID-7787-4bwm-efgq

vulnerability	VCID-7fh9-36qs-jfg5

vulnerability	VCID-89e9-m968-vfhe

vulnerability	VCID-937w-2w2q-7fdy

vulnerability	VCID-9hm5-e4dw-6ffe

vulnerability	VCID-9j31-459b-4qbm

vulnerability	VCID-9tsr-9tv5-5kb7

vulnerability	VCID-aar2-398x-p3d8

vulnerability	VCID-atus-ryef-17h1

vulnerability	VCID-axzz-cadr-b7fv

vulnerability	VCID-bv96-e6r9-xka7

vulnerability	VCID-crhe-rt8j-wycu

vulnerability	VCID-dnsu-tqgt-audm

vulnerability	VCID-eawm-8v9w-yfap

vulnerability	VCID-eygg-nt7y-qubh

vulnerability	VCID-f4ka-47dk-zffs

vulnerability	VCID-fu9h-e3jx-abe2

vulnerability	VCID-fuxz-fqw3-ufa9

vulnerability	VCID-hmqa-jhuf-hfe2

vulnerability	VCID-hqzu-shyu-j3hp

vulnerability	VCID-jfhv-r8ep-ykbm

vulnerability	VCID-jw6e-g8z9-43ej

vulnerability	VCID-jzta-navk-87bn

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-kua1-kn4q-7kd2

vulnerability	VCID-kxc3-vz2c-wqca

vulnerability	VCID-mj47-ya6v-9kd3

vulnerability	VCID-n4zk-mdyw-3fcz

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-nnye-4xbb-kuf5

vulnerability	VCID-phm8-b2ym-rqd5

vulnerability	VCID-pq53-6deg-abfx

vulnerability	VCID-pzkk-4e94-aqag

vulnerability	VCID-qdvn-uc56-6fds

vulnerability	VCID-qrbz-jgfy-qqhm

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-qzyq-d6qk-67ag

vulnerability	VCID-rbvf-c791-e7cg

vulnerability	VCID-rdr4-db3y-p3cz

vulnerability	VCID-redv-2x5y-8khx

vulnerability	VCID-s37s-p75k-27e6

vulnerability	VCID-sk1w-8yt4-93cv

vulnerability	VCID-t3ya-1w1r-h3dv

vulnerability	VCID-t4mh-zvhq-27du

vulnerability	VCID-t57j-pu79-dbbn

vulnerability	VCID-tc66-7b7t-k7h3

vulnerability	VCID-tcmv-6ftg-fqen

vulnerability	VCID-tmjv-jvfy-judb

vulnerability	VCID-ua64-94fd-ekad

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-vsta-e8jg-4qa8

vulnerability	VCID-w8uj-zy2r-fyca

vulnerability	VCID-wg7f-pjmn-uudk

vulnerability	VCID-wtke-y2cx-x3et

vulnerability	VCID-xjj5-fy4e-e7ha

vulnerability	VCID-xra9-q91u-rfd5

vulnerability	VCID-y9hs-ymcm-3ucx

vulnerability	VCID-y9yv-u4jh-mqew

vulnerability	VCID-ypuq-2mr2-sybb

vulnerability	VCID-yswq-hnqg-sycs

vulnerability	VCID-yusx-ncpv-sfhg

vulnerability	VCID-yvcg-96dp-r7e6

vulnerability	VCID-zam7-79x3-ekg3

vulnerability	VCID-zm75-zwps-h3fv

vulnerability	VCID-zrc5-bf77-aygn

vulnerability	VCID-zuee-5t4z-47he

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0

url pkg:maven/org.apache.tomcat/tomcat@6.0.13

purl pkg:maven/org.apache.tomcat/tomcat@6.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w8uj-zy2r-fyca

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.13

url pkg:rpm/redhat/tomcat5@5.5.23-0jpp.3.0.2?arch=el5

purl pkg:rpm/redhat/tomcat5@5.5.23-0jpp.3.0.2?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.23-0jpp.3.0.2%3Farch=el5

url pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh?arch=4

purl pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jws-wtvg-2khf

vulnerability	VCID-kaem-zczd-pyhu

vulnerability	VCID-nmvx-w2sz-2kge

vulnerability	VCID-qz87-x4zb-rud7

vulnerability	VCID-uwuf-vukf-cqck

vulnerability	VCID-w8uj-zy2r-fyca

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh%3Farch=4

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3386.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3386

reference_id

reference_type

scores

value	0.73782
scoring_system	epss
scoring_elements	0.98837
published_at	2026-06-04T12:55:00Z

value	0.73782
scoring_system	epss
scoring_elements	0.98839
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3386

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=247994
reference_id	247994
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=247994

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386

reference_id

CVE-2007-3386

reference_type

scores

value	Low
scoring_system	apache_tomcat
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30495.html
reference_id	CVE-2007-3386;OSVDB-36417
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30495.html

reference_url	https://www.securityfocus.com/bid/25314/info
reference_id	CVE-2007-3386;OSVDB-36417
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/25314/info

reference_url	https://access.redhat.com/errata/RHSA-2007:0871
reference_id	RHSA-2007:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0871

reference_url	https://access.redhat.com/errata/RHSA-2007:0876
reference_id	RHSA-2007:0876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0876

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

date_added	2007-08-14
description	Apache Tomcat 6.0.13 - Host Manager Servlet Cross-Site Scripting
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2007-08-14
exploit_type	remote
platform	multiple
source_date_updated	2013-12-25
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/25314/info

Severity_range_score 0.1 - 3

Exploitability 2.0

Weighted_severity 2.7

Risk_score 5.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmvx-w2sz-2kge

Vulnerability Instance