Search for vulnerabilities
| Vulnerability ID | VCID-9rpn-zb26-yfdk |
| Aliases |
CVE-2003-0045
GHSA-w97x-xfxf-f9xj |
| Summary | Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| generic_textual | MODERATE | http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| epss | 0.01508 | https://api.first.org/data/v1/epss?cve=CVE-2003-0045 |
| apache_tomcat | Important | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045 |
| generic_textual | MODERATE | https://exchange.xforce.ibmcloud.com/vulnerabilities/12102 |
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-w97x-xfxf-f9xj |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2003-0045 |
| Percentile | 0.81119 |
| EPSS Score | 0.01508 |
| Published At | April 1, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T12:38:21.013874+00:00 | Apache Tomcat Importer | Import | https://tomcat.apache.org/security-3.html | 38.0.0 |