{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63819?format=json","vulnerability_id":"VCID-r94g-m96h-k3e6","summary":"","aliases":[{"alias":"CVE-2012-4431"},{"alias":"GHSA-76vr-72mv-mf3q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1057?format=json","purl":"pkg:apache/tomcat@6.0.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1xhq-fftg-ufd2"},{"vulnerability":"VCID-t9tx-g25k-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.36"},{"url":"http://public2.vulnerablecode.io/api/packages/986?format=json","purl":"pkg:apache/tomcat@7.0.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t9tx-g25k-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.32"},{"url":"http://public2.vulnerablecode.io/api/packages/7258?format=json","purl":"pkg:ebuild/www-servers/tomcat@7.0.56","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@7.0.56"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1062?format=json","purl":"pkg:apache/tomcat@6.0.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8av4-cm9e-4kh9"},{"vulnerability":"VCID-e9dg-8439-nucb"},{"vulnerability":"VCID-f6dc-5wps-z3ax"},{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.30"},{"url":"http://public2.vulnerablecode.io/api/packages/1060?format=json","purl":"pkg:apache/tomcat@6.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74c9-hu6z-8kg4"},{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-fje8-2ajy-kyb4"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-y97x-xaq8-h3bu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.35"},{"url":"http://public2.vulnerablecode.io/api/packages/876?format=json","purl":"pkg:apache/tomcat@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1f31-et57-5qbx"},{"vulnerability":"VCID-1xhq-fftg-ufd2"},{"vulnerability":"VCID-3cvx-fuuh-ybf9"},{"vulnerability":"VCID-3p2v-jj5g-qbbp"},{"vulnerability":"VCID-4c8y-tn9d-v3d5"},{"vulnerability":"VCID-4tdx-52h3-bkfj"},{"vulnerability":"VCID-5hp9-mbcu-2bdt"},{"vulnerability":"VCID-5nu4-5ude-4yhc"},{"vulnerability":"VCID-5uvn-j8na-kuf7"},{"vulnerability":"VCID-62hn-sj8p-9fgs"},{"vulnerability":"VCID-65td-2enz-63hf"},{"vulnerability":"VCID-6tzd-v653-9bdq"},{"vulnerability":"VCID-74c9-hu6z-8kg4"},{"vulnerability":"VCID-824z-m36f-87ea"},{"vulnerability":"VCID-8aty-dfqt-ufe1"},{"vulnerability":"VCID-8av4-cm9e-4kh9"},{"vulnerability":"VCID-9a2q-ujcy-u3dx"},{"vulnerability":"VCID-9gs9-4vzf-uqbu"},{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-b25a-4gka-5yhr"},{"vulnerability":"VCID-b2j2-rqat-3yhq"},{"vulnerability":"VCID-bwn2-ebxb-xqbm"},{"vulnerability":"VCID-cpun-p57h-2fc7"},{"vulnerability":"VCID-dt1c-w14g-2fbd"},{"vulnerability":"VCID-e9dg-8439-nucb"},{"vulnerability":"VCID-f6dc-5wps-z3ax"},{"vulnerability":"VCID-fje8-2ajy-kyb4"},{"vulnerability":"VCID-fp1r-r3sv-wbfp"},{"vulnerability":"VCID-fwgq-vmfm-j7bh"},{"vulnerability":"VCID-fy3t-qn64-bkhn"},{"vulnerability":"VCID-g2x3-6kx1-x7bg"},{"vulnerability":"VCID-k7n8-grbj-dbbr"},{"vulnerability":"VCID-kfs5-k8h6-afa6"},{"vulnerability":"VCID-kv5j-8eqv-7bhy"},{"vulnerability":"VCID-m7b3-kxzn-t7hj"},{"vulnerability":"VCID-mbz3-479y-ruey"},{"vulnerability":"VCID-mu17-2uxr-4kd5"},{"vulnerability":"VCID-n5t6-xtd3-hfa7"},{"vulnerability":"VCID-ncxb-rxhz-u3eu"},{"vulnerability":"VCID-nz4k-nfug-tufw"},{"vulnerability":"VCID-q1pv-h34q-7ufy"},{"vulnerability":"VCID-q8sq-kpxp-3bb4"},{"vulnerability":"VCID-qe1e-a1yz-wubq"},{"vulnerability":"VCID-qvgx-r4rr-xugp"},{"vulnerability":"VCID-qxbw-zvw5-ckdp"},{"vulnerability":"VCID-qxfb-yg6b-nfda"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-rfbc-9e8h-gfhr"},{"vulnerability":"VCID-rrb9-d3a6-q3bz"},{"vulnerability":"VCID-rwqs-mabh-17c9"},{"vulnerability":"VCID-rxdf-fjd8-6yhk"},{"vulnerability":"VCID-s3gw-mg9k-mfg2"},{"vulnerability":"VCID-s4fd-atmc-qkcz"},{"vulnerability":"VCID-snut-ece8-sbfv"},{"vulnerability":"VCID-swxs-3ua6-3yfn"},{"vulnerability":"VCID-t7xw-r7rz-u3g5"},{"vulnerability":"VCID-t9tx-g25k-wfe9"},{"vulnerability":"VCID-va9j-s3bx-nycu"},{"vulnerability":"VCID-vfh6-rc99-e3bf"},{"vulnerability":"VCID-vyf9-rzw1-sffy"},{"vulnerability":"VCID-wkxm-2pd8-vqg9"},{"vulnerability":"VCID-wu55-n9ff-sbbf"},{"vulnerability":"VCID-x6m9-ka8g-sbdc"},{"vulnerability":"VCID-xjen-b9ss-33by"},{"vulnerability":"VCID-y97x-xaq8-h3bu"},{"vulnerability":"VCID-yqd8-3j9e-cken"},{"vulnerability":"VCID-zby8-fvjf-afde"},{"vulnerability":"VCID-znw1-bajd-7yfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/990?format=json","purl":"pkg:apache/tomcat@7.0.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@7.0.31"},{"url":"http://public2.vulnerablecode.io/api/packages/1031?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ckp-gbvu-2bdy"},{"vulnerability":"VCID-1xhq-fftg-ufd2"},{"vulnerability":"VCID-3evg-7vy4-47a4"},{"vulnerability":"VCID-3p2v-jj5g-qbbp"},{"vulnerability":"VCID-3urp-gu8z-fke3"},{"vulnerability":"VCID-46g2-sepj-guhe"},{"vulnerability":"VCID-4y66-yu6h-a3cy"},{"vulnerability":"VCID-62hn-sj8p-9fgs"},{"vulnerability":"VCID-6tzd-v653-9bdq"},{"vulnerability":"VCID-74c9-hu6z-8kg4"},{"vulnerability":"VCID-7bth-46rq-d3h2"},{"vulnerability":"VCID-8q8c-3e7u-qbc5"},{"vulnerability":"VCID-8tk5-k5f1-g3fb"},{"vulnerability":"VCID-9a2q-ujcy-u3dx"},{"vulnerability":"VCID-9rur-fz8a-p3d7"},{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-awrq-9r93-vyhd"},{"vulnerability":"VCID-bwn2-ebxb-xqbm"},{"vulnerability":"VCID-bxjq-2fp7-h7g4"},{"vulnerability":"VCID-cphz-3xr3-z7be"},{"vulnerability":"VCID-cpun-p57h-2fc7"},{"vulnerability":"VCID-czgs-upje-kffn"},{"vulnerability":"VCID-dap4-dpmg-wbad"},{"vulnerability":"VCID-dt1c-w14g-2fbd"},{"vulnerability":"VCID-f269-zjt1-7ke4"},{"vulnerability":"VCID-f6dc-5wps-z3ax"},{"vulnerability":"VCID-f8ne-yqzk-jbds"},{"vulnerability":"VCID-fje8-2ajy-kyb4"},{"vulnerability":"VCID-fy3t-qn64-bkhn"},{"vulnerability":"VCID-g2x3-6kx1-x7bg"},{"vulnerability":"VCID-hn9b-5btp-v3fn"},{"vulnerability":"VCID-jjcq-qzpr-r3g9"},{"vulnerability":"VCID-kv5j-8eqv-7bhy"},{"vulnerability":"VCID-m5jb-76rf-d7fx"},{"vulnerability":"VCID-m7b3-kxzn-t7hj"},{"vulnerability":"VCID-mbz3-479y-ruey"},{"vulnerability":"VCID-mgjy-sbfz-1ueu"},{"vulnerability":"VCID-mu17-2uxr-4kd5"},{"vulnerability":"VCID-ncxb-rxhz-u3eu"},{"vulnerability":"VCID-npzg-ew7t-zff1"},{"vulnerability":"VCID-nt3f-snfk-vuh7"},{"vulnerability":"VCID-q1pv-h34q-7ufy"},{"vulnerability":"VCID-q8sq-kpxp-3bb4"},{"vulnerability":"VCID-qham-w946-67h8"},{"vulnerability":"VCID-qxj8-c1gm-f7ep"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-rfbc-9e8h-gfhr"},{"vulnerability":"VCID-rrb9-d3a6-q3bz"},{"vulnerability":"VCID-s3gw-mg9k-mfg2"},{"vulnerability":"VCID-s4fd-atmc-qkcz"},{"vulnerability":"VCID-snut-ece8-sbfv"},{"vulnerability":"VCID-ssqj-d96y-y3hc"},{"vulnerability":"VCID-suth-x23g-rbdf"},{"vulnerability":"VCID-swxs-3ua6-3yfn"},{"vulnerability":"VCID-tdx3-4btg-j7ez"},{"vulnerability":"VCID-tqfw-77hy-ykg5"},{"vulnerability":"VCID-u477-kb4d-uuh7"},{"vulnerability":"VCID-uuw9-dvzz-mqgj"},{"vulnerability":"VCID-va9j-s3bx-nycu"},{"vulnerability":"VCID-vupj-tk3j-vfdf"},{"vulnerability":"VCID-vvzb-u4yd-fueg"},{"vulnerability":"VCID-vyf9-rzw1-sffy"},{"vulnerability":"VCID-vyhc-nkpu-a3dh"},{"vulnerability":"VCID-wkxm-2pd8-vqg9"},{"vulnerability":"VCID-wu55-n9ff-sbbf"},{"vulnerability":"VCID-x78g-4vth-xyde"},{"vulnerability":"VCID-xjen-b9ss-33by"},{"vulnerability":"VCID-xkr7-rzu4-rfc1"},{"vulnerability":"VCID-y1dr-6adg-93ee"},{"vulnerability":"VCID-y97x-xaq8-h3bu"},{"vulnerability":"VCID-yqd8-3j9e-cken"},{"vulnerability":"VCID-zby8-fvjf-afde"},{"vulnerability":"VCID-znw1-bajd-7yfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1063?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8av4-cm9e-4kh9"},{"vulnerability":"VCID-e9dg-8439-nucb"},{"vulnerability":"VCID-f6dc-5wps-z3ax"},{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.30"},{"url":"http://public2.vulnerablecode.io/api/packages/1061?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@6.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-74c9-hu6z-8kg4"},{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-fje8-2ajy-kyb4"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-y97x-xaq8-h3bu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.35"},{"url":"http://public2.vulnerablecode.io/api/packages/879?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1f31-et57-5qbx"},{"vulnerability":"VCID-1xhq-fftg-ufd2"},{"vulnerability":"VCID-3cvx-fuuh-ybf9"},{"vulnerability":"VCID-3p2v-jj5g-qbbp"},{"vulnerability":"VCID-3urp-gu8z-fke3"},{"vulnerability":"VCID-46g2-sepj-guhe"},{"vulnerability":"VCID-4c8y-tn9d-v3d5"},{"vulnerability":"VCID-4tdx-52h3-bkfj"},{"vulnerability":"VCID-5hp9-mbcu-2bdt"},{"vulnerability":"VCID-5nu4-5ude-4yhc"},{"vulnerability":"VCID-5uvn-j8na-kuf7"},{"vulnerability":"VCID-62hn-sj8p-9fgs"},{"vulnerability":"VCID-65td-2enz-63hf"},{"vulnerability":"VCID-6tzd-v653-9bdq"},{"vulnerability":"VCID-74c9-hu6z-8kg4"},{"vulnerability":"VCID-824z-m36f-87ea"},{"vulnerability":"VCID-8aty-dfqt-ufe1"},{"vulnerability":"VCID-8av4-cm9e-4kh9"},{"vulnerability":"VCID-8q8c-3e7u-qbc5"},{"vulnerability":"VCID-9a2q-ujcy-u3dx"},{"vulnerability":"VCID-9gs9-4vzf-uqbu"},{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-b25a-4gka-5yhr"},{"vulnerability":"VCID-b2j2-rqat-3yhq"},{"vulnerability":"VCID-bwn2-ebxb-xqbm"},{"vulnerability":"VCID-cpun-p57h-2fc7"},{"vulnerability":"VCID-dt1c-w14g-2fbd"},{"vulnerability":"VCID-e9dg-8439-nucb"},{"vulnerability":"VCID-f6dc-5wps-z3ax"},{"vulnerability":"VCID-fje8-2ajy-kyb4"},{"vulnerability":"VCID-fp1r-r3sv-wbfp"},{"vulnerability":"VCID-fwgq-vmfm-j7bh"},{"vulnerability":"VCID-fy3t-qn64-bkhn"},{"vulnerability":"VCID-g2x3-6kx1-x7bg"},{"vulnerability":"VCID-hn9b-5btp-v3fn"},{"vulnerability":"VCID-k7n8-grbj-dbbr"},{"vulnerability":"VCID-kfs5-k8h6-afa6"},{"vulnerability":"VCID-kv5j-8eqv-7bhy"},{"vulnerability":"VCID-m7b3-kxzn-t7hj"},{"vulnerability":"VCID-mbz3-479y-ruey"},{"vulnerability":"VCID-mdsb-pema-d3ds"},{"vulnerability":"VCID-mu17-2uxr-4kd5"},{"vulnerability":"VCID-n5t6-xtd3-hfa7"},{"vulnerability":"VCID-ncxb-rxhz-u3eu"},{"vulnerability":"VCID-nz4k-nfug-tufw"},{"vulnerability":"VCID-q1pv-h34q-7ufy"},{"vulnerability":"VCID-q8sq-kpxp-3bb4"},{"vulnerability":"VCID-qe1e-a1yz-wubq"},{"vulnerability":"VCID-qvgx-r4rr-xugp"},{"vulnerability":"VCID-qxbw-zvw5-ckdp"},{"vulnerability":"VCID-qxfb-yg6b-nfda"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-rfbc-9e8h-gfhr"},{"vulnerability":"VCID-rrb9-d3a6-q3bz"},{"vulnerability":"VCID-rwqs-mabh-17c9"},{"vulnerability":"VCID-rxdf-fjd8-6yhk"},{"vulnerability":"VCID-s3gw-mg9k-mfg2"},{"vulnerability":"VCID-s4fd-atmc-qkcz"},{"vulnerability":"VCID-snut-ece8-sbfv"},{"vulnerability":"VCID-swxs-3ua6-3yfn"},{"vulnerability":"VCID-t7xw-r7rz-u3g5"},{"vulnerability":"VCID-t9tx-g25k-wfe9"},{"vulnerability":"VCID-va9j-s3bx-nycu"},{"vulnerability":"VCID-vfh6-rc99-e3bf"},{"vulnerability":"VCID-vvzb-u4yd-fueg"},{"vulnerability":"VCID-vyf9-rzw1-sffy"},{"vulnerability":"VCID-wkxm-2pd8-vqg9"},{"vulnerability":"VCID-wu55-n9ff-sbbf"},{"vulnerability":"VCID-x6m9-ka8g-sbdc"},{"vulnerability":"VCID-xjen-b9ss-33by"},{"vulnerability":"VCID-y97x-xaq8-h3bu"},{"vulnerability":"VCID-yqd8-3j9e-cken"},{"vulnerability":"VCID-zby8-fvjf-afde"},{"vulnerability":"VCID-znw1-bajd-7yfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/991?format=json","purl":"pkg:maven/org.apache.tomcat/tomcat@7.0.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.31"},{"url":"http://public2.vulnerablecode.io/api/packages/366436?format=json","purl":"pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c3qy-96ka-pucw"},{"vulnerability":"VCID-j5g2-s3ps-eqem"},{"vulnerability":"VCID-ptqm-vybp-xbdc"},{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/366437?format=json","purl":"pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c3qy-96ka-pucw"},{"vulnerability":"VCID-j5g2-s3ps-eqem"},{"vulnerability":"VCID-ptqm-vybp-xbdc"},{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/366438?format=json","purl":"pkg:rpm/redhat/tomcat6@6.0.35-6_patch_06.ep6?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-c3qy-96ka-pucw"},{"vulnerability":"VCID-j5g2-s3ps-eqem"},{"vulnerability":"VCID-ptqm-vybp-xbdc"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-y97x-xaq8-h3bu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.35-6_patch_06.ep6%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/366440?format=json","purl":"pkg:rpm/redhat/tomcat6@6.0.35-29_patch_06.ep6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a4k2-q92y-7khb"},{"vulnerability":"VCID-c3qy-96ka-pucw"},{"vulnerability":"VCID-j5g2-s3ps-eqem"},{"vulnerability":"VCID-ptqm-vybp-xbdc"},{"vulnerability":"VCID-r94g-m96h-k3e6"},{"vulnerability":"VCID-y97x-xaq8-h3bu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat6@6.0.35-29_patch_06.ep6%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/366435?format=json","purl":"pkg:rpm/redhat/tomcat7@7.0.30-3_patch_02.ep6?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.30-3_patch_02.ep6%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/366439?format=json","purl":"pkg:rpm/redhat/tomcat7@7.0.30-5_patch_02.ep6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r94g-m96h-k3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tomcat7@7.0.30-5_patch_02.ep6%3Farch=el6"}],"references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0267.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0267.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0268.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0268.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0647.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0647.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0648.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0648.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1853.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-1853.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4431.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4431.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4431","reference_id":"","reference_type":"","scores":[{"value":"0.09824","scoring_system":"epss","scoring_elements":"0.93146","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4431"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4431","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4431"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1393088","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1393088"},{"reference_url":"https://svn.apache.org/viewvc?view=rev&rev=1394456","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc?view=rev&rev=1394456"},{"reference_url":"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088&r2=1393087&pathrev=1393088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088&r2=1393087&pathrev=1393088"},{"reference_url":"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088&r2=1393087&pathrev=1393088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088&r2=1393087&pathrev=1393088"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1393088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://svn.apache.org/viewvc?view=revision&revision=1393088"},{"reference_url":"http://www.ubuntu.com/usn/USN-1685-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1685-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=883636","reference_id":"883636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431","reference_id":"CVE-2012-4431","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431"},{"reference_url":"https://github.com/advisories/GHSA-76vr-72mv-mf3q","reference_id":"GHSA-76vr-72mv-mf3q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-76vr-72mv-mf3q"},{"reference_url":"https://security.gentoo.org/glsa/201412-29","reference_id":"GLSA-201412-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0265","reference_id":"RHSA-2013:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0266","reference_id":"RHSA-2013:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0267","reference_id":"RHSA-2013:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0268","reference_id":"RHSA-2013:0268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0647","reference_id":"RHSA-2013:0647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0648","reference_id":"RHSA-2013:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0665","reference_id":"RHSA-2013:0665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1437","reference_id":"RHSA-2013:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1853","reference_id":"RHSA-2013:1853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1853"},{"reference_url":"https://usn.ubuntu.com/1685-1/","reference_id":"USN-1685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1685-1/"}],"weaknesses":[{"cwe_id":352,"name":"Cross-Site Request Forgery (CSRF)","description":"The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":264,"name":"Permissions, Privileges, and Access Controls","description":"Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r94g-m96h-k3e6"}