VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-7jzs-4ayu-aaar

Essentials
Severities (190)
References (152)
Severity details (101)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-7jzs-4ayu-aaar
Aliases	CVE-2016-0763 GHSA-9hjv-9h75-xmpp
Summary	The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (5)

CWE-264	Permissions, Privileges, and Access Controls
CWE-940	Improper Verification of Source of a Communication Channel
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-287	Improper Authentication

System	Score	Found at
cvssv3.1	6.3	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179356.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179356.html
cvssv3.1	6.3	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
cvssv3.1	6.3	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
cvssv3.1	6.3	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0763.html
cvssv3.1	6.3	http://rhn.redhat.com/errata/RHSA-2016-1089.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2016-1089.html
cvssv3.1	7.5	http://rhn.redhat.com/errata/RHSA-2016-2599.html
generic_textual	HIGH	http://rhn.redhat.com/errata/RHSA-2016-2599.html
cvssv3.1	7.5	http://rhn.redhat.com/errata/RHSA-2016-2807.html
generic_textual	HIGH	http://rhn.redhat.com/errata/RHSA-2016-2807.html
cvssv3.1	7.5	http://rhn.redhat.com/errata/RHSA-2016-2808.html
generic_textual	HIGH	http://rhn.redhat.com/errata/RHSA-2016-2808.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2016:1087
rhas	Moderate	https://access.redhat.com/errata/RHSA-2016:1088
rhas	Moderate	https://access.redhat.com/errata/RHSA-2016:1089
rhas	Moderate	https://access.redhat.com/errata/RHSA-2016:2599
rhas	Important	https://access.redhat.com/errata/RHSA-2016:2807
rhas	Important	https://access.redhat.com/errata/RHSA-2016:2808
cvssv3	6.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0763.json
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00183	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00223	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00340	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00340	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00340	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00340	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
epss	0.00556	https://api.first.org/data/v1/epss?cve=CVE-2016-0763
cvssv3.1	6.3	https://bto.bluecoat.com/security-advisory/sa118
generic_textual	MODERATE	https://bto.bluecoat.com/security-advisory/sa118
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1311093
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
apache_tomcat	Moderate	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
apache_tomcat	Moderate	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
cvssv3.1	6.3	http://seclists.org/bugtraq/2016/Feb/147
generic_textual	MODERATE	http://seclists.org/bugtraq/2016/Feb/147
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-9hjv-9h75-xmpp
cvssv3.1	7.5	https://github.com/apache/tomcat
generic_textual	HIGH	https://github.com/apache/tomcat
cvssv3.1	6.3	https://github.com/apache/tomcat80/commit/0531f7aeff1999d362e0a68512a3517f2cf1a6ae
generic_textual	MODERATE	https://github.com/apache/tomcat80/commit/0531f7aeff1999d362e0a68512a3517f2cf1a6ae
cvssv3.1	6.3	https://github.com/apache/tomcat/commit/76ebc9007567c8326217dd94844540e1e27d8468
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/76ebc9007567c8326217dd94844540e1e27d8468
cvssv3.1	6.3	https://github.com/apache/tomcat/commit/c08641da04d31f730b56b8675301e55db97dfe88
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/c08641da04d31f730b56b8675301e55db97dfe88
cvssv3.1	6.3	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
generic_textual	MODERATE	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
cvssv3.1	6.3	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
generic_textual	MODERATE	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
cvssv3.1	6.3	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
generic_textual	MODERATE	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
cvssv3.1	5.9	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
cvssv3.1	5.9	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	7.5	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
cvssv3.1	8.1	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
cvssv2	6.5	https://nvd.nist.gov/vuln/detail/CVE-2016-0763
cvssv3	6.3	https://nvd.nist.gov/vuln/detail/CVE-2016-0763
cvssv3.1	9.8	https://security.gentoo.org/glsa/201705-09
generic_textual	CRITICAL	https://security.gentoo.org/glsa/201705-09
cvssv3.1	6.3	https://security.netapp.com/advisory/ntap-20180531-0001
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20180531-0001
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3024-1
cvssv3.1	6.3	http://svn.apache.org/viewvc?view=revision&revision=1725926
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1725926
cvssv3.1	6.3	http://svn.apache.org/viewvc?view=revision&revision=1725929
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1725929
cvssv3.1	6.3	http://svn.apache.org/viewvc?view=revision&revision=1725931
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1725931
cvssv3.1	6.3	https://web.archive.org/web/20160314101138/http://www.securityfocus.com/bid/83326
generic_textual	MODERATE	https://web.archive.org/web/20160314101138/http://www.securityfocus.com/bid/83326
cvssv3.1	6.3	https://web.archive.org/web/20160404202803/http://www.securitytracker.com/id/1035069
generic_textual	MODERATE	https://web.archive.org/web/20160404202803/http://www.securitytracker.com/id/1035069
cvssv3.1	9.8	http://tomcat.apache.org/security-7.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-7.html
cvssv3.1	9.8	http://tomcat.apache.org/security-8.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-8.html
cvssv3.1	9.8	http://tomcat.apache.org/security-9.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-9.html
cvssv3.1	6.3	http://www.debian.org/security/2016/dsa-3530
generic_textual	MODERATE	http://www.debian.org/security/2016/dsa-3530
cvssv3.1	6.3	http://www.debian.org/security/2016/dsa-3552
generic_textual	MODERATE	http://www.debian.org/security/2016/dsa-3552
cvssv3.1	7.5	http://www.debian.org/security/2016/dsa-3609
generic_textual	HIGH	http://www.debian.org/security/2016/dsa-3609
cvssv3.1	8.1	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
cvssv3.1	7.5	http://www.ubuntu.com/usn/USN-3024-1
generic_textual	HIGH	http://www.ubuntu.com/usn/USN-3024-1

Reference id	Reference type	URL
		http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179356.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0763.html
		http://rhn.redhat.com/errata/RHSA-2016-1089.html
		http://rhn.redhat.com/errata/RHSA-2016-2599.html
		http://rhn.redhat.com/errata/RHSA-2016-2807.html
		http://rhn.redhat.com/errata/RHSA-2016-2808.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0763.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-0763
		https://bto.bluecoat.com/security-advisory/sa118
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
		http://seclists.org/bugtraq/2016/Feb/147
		https://github.com/apache/tomcat
		https://github.com/apache/tomcat70/commit/c08641da04d31f730b56b8675301e55db97dfe88
		https://github.com/apache/tomcat80/commit/0531f7aeff1999d362e0a68512a3517f2cf1a6ae
		https://github.com/apache/tomcat/commit/76ebc9007567c8326217dd94844540e1e27d8468
		https://github.com/apache/tomcat/commit/c08641da04d31f730b56b8675301e55db97dfe88
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
		https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
		https://security.gentoo.org/glsa/201705-09
		https://security.netapp.com/advisory/ntap-20180531-0001
		https://security.netapp.com/advisory/ntap-20180531-0001/
		https://svn.apache.org/viewvc?view=rev&rev=1725926
		https://svn.apache.org/viewvc?view=rev&rev=1725929
		https://svn.apache.org/viewvc?view=rev&rev=1725931
		https://ubuntu.com/security/notices/USN-3024-1
		http://svn.apache.org/viewvc?view=revision&revision=1725926
		http://svn.apache.org/viewvc?view=revision&revision=1725929
		http://svn.apache.org/viewvc?view=revision&revision=1725931
		https://web.archive.org/web/20160314101138/http://www.securityfocus.com/bid/83326
		https://web.archive.org/web/20160404202803/http://www.securitytracker.com/id/1035069
		http://tomcat.apache.org/security-7.html
		http://tomcat.apache.org/security-8.html
		http://tomcat.apache.org/security-9.html
		http://www.debian.org/security/2016/dsa-3530
		http://www.debian.org/security/2016/dsa-3552
		http://www.debian.org/security/2016/dsa-3609
		http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
		http://www.securityfocus.com/bid/83326
		http://www.securitytracker.com/id/1035069
		http://www.ubuntu.com/usn/USN-3024-1
1311093		https://bugzilla.redhat.com/show_bug.cgi?id=1311093
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
cpe:2.3:a:apache:tomcat:7.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:::::::*
cpe:2.3:a:apache:tomcat:7.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:::::::*
cpe:2.3:a:apache:tomcat:7.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:::::::*
cpe:2.3:a:apache:tomcat:7.0.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:::::::*
cpe:2.3:a:apache:tomcat:7.0.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:::::::*
cpe:2.3:a:apache:tomcat:7.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:::::::*
cpe:2.3:a:apache:tomcat:7.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:::::::*
cpe:2.3:a:apache:tomcat:7.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.23:::::::*
cpe:2.3:a:apache:tomcat:7.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.25:::::::*
cpe:2.3:a:apache:tomcat:7.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.26:::::::*
cpe:2.3:a:apache:tomcat:7.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.27:::::::*
cpe:2.3:a:apache:tomcat:7.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.28:::::::*
cpe:2.3:a:apache:tomcat:7.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.29:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:beta::::::
cpe:2.3:a:apache:tomcat:7.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.30:::::::*
cpe:2.3:a:apache:tomcat:7.0.32:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.32:::::::*
cpe:2.3:a:apache:tomcat:7.0.33:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.33:::::::*
cpe:2.3:a:apache:tomcat:7.0.34:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.34:::::::*
cpe:2.3:a:apache:tomcat:7.0.35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.35:::::::*
cpe:2.3:a:apache:tomcat:7.0.37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.37:::::::*
cpe:2.3:a:apache:tomcat:7.0.39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.39:::::::*
cpe:2.3:a:apache:tomcat:7.0.40:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.40:::::::*
cpe:2.3:a:apache:tomcat:7.0.41:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.41:::::::*
cpe:2.3:a:apache:tomcat:7.0.42:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.47:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.47:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:beta::::::
cpe:2.3:a:apache:tomcat:7.0.50:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.50:::::::*
cpe:2.3:a:apache:tomcat:7.0.52:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.52:::::::*
cpe:2.3:a:apache:tomcat:7.0.53:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.53:::::::*
cpe:2.3:a:apache:tomcat:7.0.54:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.54:::::::*
cpe:2.3:a:apache:tomcat:7.0.55:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.55:::::::*
cpe:2.3:a:apache:tomcat:7.0.56:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.56:::::::*
cpe:2.3:a:apache:tomcat:7.0.57:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.57:::::::*
cpe:2.3:a:apache:tomcat:7.0.59:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.59:::::::*
cpe:2.3:a:apache:tomcat:7.0.5:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:beta::::::
cpe:2.3:a:apache:tomcat:7.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.61:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.61:::::::*
cpe:2.3:a:apache:tomcat:7.0.62:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.62:::::::*
cpe:2.3:a:apache:tomcat:7.0.63:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.63:::::::*
cpe:2.3:a:apache:tomcat:7.0.64:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.64:::::::*
cpe:2.3:a:apache:tomcat:7.0.65:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.65:::::::*
cpe:2.3:a:apache:tomcat:7.0.67:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.67:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
cpe:2.3:a:apache:tomcat:8.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.1:::::::*
cpe:2.3:a:apache:tomcat:8.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.14:::::::*
cpe:2.3:a:apache:tomcat:8.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.15:::::::*
cpe:2.3:a:apache:tomcat:8.0.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.17:::::::*
cpe:2.3:a:apache:tomcat:8.0.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.18:::::::*
cpe:2.3:a:apache:tomcat:8.0.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.20:::::::*
cpe:2.3:a:apache:tomcat:8.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.21:::::::*
cpe:2.3:a:apache:tomcat:8.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.22:::::::*
cpe:2.3:a:apache:tomcat:8.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.23:::::::*
cpe:2.3:a:apache:tomcat:8.0.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.24:::::::*
cpe:2.3:a:apache:tomcat:8.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.26:::::::*
cpe:2.3:a:apache:tomcat:8.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.27:::::::*
cpe:2.3:a:apache:tomcat:8.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.28:::::::*
cpe:2.3:a:apache:tomcat:8.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.29:::::::*
cpe:2.3:a:apache:tomcat:8.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.30:::::::*
cpe:2.3:a:apache:tomcat:9.0.0:m1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:9.0.0:m1::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
CVE-2016-0763		https://nvd.nist.gov/vuln/detail/CVE-2016-0763
GHSA-9hjv-9h75-xmpp		https://github.com/advisories/GHSA-9hjv-9h75-xmpp
RHSA-2016:1087		https://access.redhat.com/errata/RHSA-2016:1087
RHSA-2016:1088		https://access.redhat.com/errata/RHSA-2016:1088
RHSA-2016:1089		https://access.redhat.com/errata/RHSA-2016:1089
RHSA-2016:2599		https://access.redhat.com/errata/RHSA-2016:2599
RHSA-2016:2807		https://access.redhat.com/errata/RHSA-2016:2807
RHSA-2016:2808		https://access.redhat.com/errata/RHSA-2016:2808
USN-3024-1		https://usn.ubuntu.com/3024-1/

No exploits are available.

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179356.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://rhn.redhat.com/errata/RHSA-2016-1089.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://rhn.redhat.com/errata/RHSA-2016-2599.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://rhn.redhat.com/errata/RHSA-2016-2807.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://rhn.redhat.com/errata/RHSA-2016-2808.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0763.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://bto.bluecoat.com/security-advisory/sa118

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://seclists.org/bugtraq/2016/Feb/147

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/apache/tomcat80/commit/0531f7aeff1999d362e0a68512a3517f2cf1a6ae

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/apache/tomcat/commit/76ebc9007567c8326217dd94844540e1e27d8468

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/apache/tomcat/commit/c08641da04d31f730b56b8675301e55db97dfe88

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0763

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0763

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201705-09

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://security.netapp.com/advisory/ntap-20180531-0001

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://svn.apache.org/viewvc?view=revision&revision=1725926

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://svn.apache.org/viewvc?view=revision&revision=1725929

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://svn.apache.org/viewvc?view=revision&revision=1725931

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://web.archive.org/web/20160314101138/http://www.securityfocus.com/bid/83326

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://web.archive.org/web/20160404202803/http://www.securitytracker.com/id/1035069

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-7.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-8.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-9.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://www.debian.org/security/2016/dsa-3530

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at http://www.debian.org/security/2016/dsa-3552

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2016/dsa-3609

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.ubuntu.com/usn/USN-3024-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.49471
EPSS Score	0.00129
Published At	Dec. 15, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

Reference id	Reference type	URL
		http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179356.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0763.html
		http://rhn.redhat.com/errata/RHSA-2016-1089.html
		http://rhn.redhat.com/errata/RHSA-2016-2599.html
		http://rhn.redhat.com/errata/RHSA-2016-2807.html
		http://rhn.redhat.com/errata/RHSA-2016-2808.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0763.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-0763
		https://bto.bluecoat.com/security-advisory/sa118
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
		http://seclists.org/bugtraq/2016/Feb/147
		https://github.com/apache/tomcat
		https://github.com/apache/tomcat70/commit/c08641da04d31f730b56b8675301e55db97dfe88
		https://github.com/apache/tomcat80/commit/0531f7aeff1999d362e0a68512a3517f2cf1a6ae
		https://github.com/apache/tomcat/commit/76ebc9007567c8326217dd94844540e1e27d8468
		https://github.com/apache/tomcat/commit/c08641da04d31f730b56b8675301e55db97dfe88
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
		https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
		https://security.gentoo.org/glsa/201705-09
		https://security.netapp.com/advisory/ntap-20180531-0001
		https://security.netapp.com/advisory/ntap-20180531-0001/
		https://svn.apache.org/viewvc?view=rev&rev=1725926
		https://svn.apache.org/viewvc?view=rev&rev=1725929
		https://svn.apache.org/viewvc?view=rev&rev=1725931
		https://ubuntu.com/security/notices/USN-3024-1
		http://svn.apache.org/viewvc?view=revision&revision=1725926
		http://svn.apache.org/viewvc?view=revision&revision=1725929
		http://svn.apache.org/viewvc?view=revision&revision=1725931
		https://web.archive.org/web/20160314101138/http://www.securityfocus.com/bid/83326
		https://web.archive.org/web/20160404202803/http://www.securitytracker.com/id/1035069
		http://tomcat.apache.org/security-7.html
		http://tomcat.apache.org/security-8.html
		http://tomcat.apache.org/security-9.html
		http://www.debian.org/security/2016/dsa-3530
		http://www.debian.org/security/2016/dsa-3552
		http://www.debian.org/security/2016/dsa-3609
		http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
		http://www.securityfocus.com/bid/83326
		http://www.securitytracker.com/id/1035069
		http://www.ubuntu.com/usn/USN-3024-1
1311093		https://bugzilla.redhat.com/show_bug.cgi?id=1311093
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
cpe:2.3:a:apache:tomcat:7.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:::::::*
cpe:2.3:a:apache:tomcat:7.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:::::::*
cpe:2.3:a:apache:tomcat:7.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:::::::*
cpe:2.3:a:apache:tomcat:7.0.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:::::::*
cpe:2.3:a:apache:tomcat:7.0.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:::::::*
cpe:2.3:a:apache:tomcat:7.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:::::::*
cpe:2.3:a:apache:tomcat:7.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:::::::*
cpe:2.3:a:apache:tomcat:7.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.23:::::::*
cpe:2.3:a:apache:tomcat:7.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.25:::::::*
cpe:2.3:a:apache:tomcat:7.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.26:::::::*
cpe:2.3:a:apache:tomcat:7.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.27:::::::*
cpe:2.3:a:apache:tomcat:7.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.28:::::::*
cpe:2.3:a:apache:tomcat:7.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.29:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:beta::::::
cpe:2.3:a:apache:tomcat:7.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.30:::::::*
cpe:2.3:a:apache:tomcat:7.0.32:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.32:::::::*
cpe:2.3:a:apache:tomcat:7.0.33:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.33:::::::*
cpe:2.3:a:apache:tomcat:7.0.34:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.34:::::::*
cpe:2.3:a:apache:tomcat:7.0.35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.35:::::::*
cpe:2.3:a:apache:tomcat:7.0.37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.37:::::::*
cpe:2.3:a:apache:tomcat:7.0.39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.39:::::::*
cpe:2.3:a:apache:tomcat:7.0.40:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.40:::::::*
cpe:2.3:a:apache:tomcat:7.0.41:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.41:::::::*
cpe:2.3:a:apache:tomcat:7.0.42:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.47:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.47:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:beta::::::
cpe:2.3:a:apache:tomcat:7.0.50:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.50:::::::*
cpe:2.3:a:apache:tomcat:7.0.52:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.52:::::::*
cpe:2.3:a:apache:tomcat:7.0.53:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.53:::::::*
cpe:2.3:a:apache:tomcat:7.0.54:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.54:::::::*
cpe:2.3:a:apache:tomcat:7.0.55:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.55:::::::*
cpe:2.3:a:apache:tomcat:7.0.56:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.56:::::::*
cpe:2.3:a:apache:tomcat:7.0.57:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.57:::::::*
cpe:2.3:a:apache:tomcat:7.0.59:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.59:::::::*
cpe:2.3:a:apache:tomcat:7.0.5:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:beta::::::
cpe:2.3:a:apache:tomcat:7.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.61:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.61:::::::*
cpe:2.3:a:apache:tomcat:7.0.62:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.62:::::::*
cpe:2.3:a:apache:tomcat:7.0.63:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.63:::::::*
cpe:2.3:a:apache:tomcat:7.0.64:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.64:::::::*
cpe:2.3:a:apache:tomcat:7.0.65:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.65:::::::*
cpe:2.3:a:apache:tomcat:7.0.67:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.67:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
cpe:2.3:a:apache:tomcat:8.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.1:::::::*
cpe:2.3:a:apache:tomcat:8.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.14:::::::*
cpe:2.3:a:apache:tomcat:8.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.15:::::::*
cpe:2.3:a:apache:tomcat:8.0.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.17:::::::*
cpe:2.3:a:apache:tomcat:8.0.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.18:::::::*
cpe:2.3:a:apache:tomcat:8.0.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.20:::::::*
cpe:2.3:a:apache:tomcat:8.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.21:::::::*
cpe:2.3:a:apache:tomcat:8.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.22:::::::*
cpe:2.3:a:apache:tomcat:8.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.23:::::::*
cpe:2.3:a:apache:tomcat:8.0.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.24:::::::*
cpe:2.3:a:apache:tomcat:8.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.26:::::::*
cpe:2.3:a:apache:tomcat:8.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.27:::::::*
cpe:2.3:a:apache:tomcat:8.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.28:::::::*
cpe:2.3:a:apache:tomcat:8.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.29:::::::*
cpe:2.3:a:apache:tomcat:8.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.30:::::::*
cpe:2.3:a:apache:tomcat:9.0.0:m1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:9.0.0:m1::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
CVE-2016-0763		https://nvd.nist.gov/vuln/detail/CVE-2016-0763
GHSA-9hjv-9h75-xmpp		https://github.com/advisories/GHSA-9hjv-9h75-xmpp
RHSA-2016:1087		https://access.redhat.com/errata/RHSA-2016:1087
RHSA-2016:1088		https://access.redhat.com/errata/RHSA-2016:1088
RHSA-2016:1089		https://access.redhat.com/errata/RHSA-2016:1089
RHSA-2016:2599		https://access.redhat.com/errata/RHSA-2016:2599
RHSA-2016:2807		https://access.redhat.com/errata/RHSA-2016:2807
RHSA-2016:2808		https://access.redhat.com/errata/RHSA-2016:2808
USN-3024-1		https://usn.ubuntu.com/3024-1/