Search for vulnerabilities
Vulnerability details: VCID-hfwt-7637-6qgn
Vulnerability ID VCID-hfwt-7637-6qgn
Aliases CVE-2010-2227
GHSA-cxg2-49rq-8gcr
Summary
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual MODERATE http://geronimo.apache.org/21x-security-report.html
generic_textual MODERATE http://geronimo.apache.org/22x-security-report.html
generic_textual MODERATE http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
generic_textual MODERATE http://marc.info/?l=bugtraq&m=129070310906557&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=136485229118404&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual MODERATE https://access.redhat.com/errata/RHSA-2010:0580
generic_textual MODERATE https://access.redhat.com/errata/RHSA-2010:0581
generic_textual MODERATE https://access.redhat.com/errata/RHSA-2010:0582
generic_textual MODERATE https://access.redhat.com/errata/RHSA-2010:0583
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
epss 0.64738 https://api.first.org/data/v1/epss?cve=CVE-2010-2227
apache_tomcat Important https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
generic_textual MODERATE https://exchange.xforce.ibmcloud.com/vulnerabilities/60264
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-cxg2-49rq-8gcr
generic_textual MODERATE https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat55/commit/4faaca9353e5e3f963c7a674b3ac6a0bd1c3757e
generic_textual MODERATE https://github.com/apache/tomcat/commit/40e5880dfc51517334acda5f12beacdec52ca283
generic_textual MODERATE https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2010-2227
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18532
generic_textual MODERATE http://support.apple.com/kb/HT5002
generic_textual MODERATE http://svn.apache.org/viewvc?view=revision&revision=958911
generic_textual MODERATE http://svn.apache.org/viewvc?view=revision&revision=958977
generic_textual MODERATE http://svn.apache.org/viewvc?view=revision&revision=959428
generic_textual MODERATE https://web.archive.org/web/20110213053623/http://secunia.com/advisories/43310
generic_textual MODERATE https://web.archive.org/web/20110220095703/http://secunia.com/advisories/42079
generic_textual MODERATE https://web.archive.org/web/20110220104410/http://secunia.com/advisories/40813
generic_textual MODERATE https://web.archive.org/web/20110220104426/http://secunia.com/advisories/41025
generic_textual MODERATE https://web.archive.org/web/20110220104430/http://secunia.com/advisories/42454
generic_textual MODERATE https://web.archive.org/web/20110712000328/http://secunia.com/advisories/42368
generic_textual MODERATE https://web.archive.org/web/20110713184518/http://secunia.com/advisories/44183
generic_textual MODERATE https://web.archive.org/web/20110716102842/http://www.securityfocus.com/archive/1/512272/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20110906004746/http://www.securityfocus.com/bid/41544
generic_textual MODERATE https://web.archive.org/web/20111119150528/http://www.securityfocus.com/archive/1/516397/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126
generic_textual MODERATE https://web.archive.org/web/20161107200417/http://securitytracker.com/id?1024180
generic_textual MODERATE http://tomcat.apache.org/security-5.html
generic_textual MODERATE http://tomcat.apache.org/security-6.html
generic_textual MODERATE http://tomcat.apache.org/security-7.html
generic_textual MODERATE http://www.debian.org/security/2011/dsa-2207
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2010:177
generic_textual MODERATE http://www.novell.com/support/viewContent.do?externalId=7007274
generic_textual MODERATE http://www.novell.com/support/viewContent.do?externalId=7007275
generic_textual MODERATE http://www.vmware.com/security/advisories/VMSA-2011-0003.html
generic_textual MODERATE http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Reference id Reference type URL
http://geronimo.apache.org/21x-security-report.html
http://geronimo.apache.org/22x-security-report.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://marc.info/?l=bugtraq&m=129070310906557&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
https://access.redhat.com/errata/RHSA-2010:0580
https://access.redhat.com/errata/RHSA-2010:0581
https://access.redhat.com/errata/RHSA-2010:0582
https://access.redhat.com/errata/RHSA-2010:0583
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2227.json
https://api.first.org/data/v1/epss?cve=CVE-2010-2227
https://exchange.xforce.ibmcloud.com/vulnerabilities/60264
https://github.com/apache/tomcat
https://github.com/apache/tomcat55/commit/4faaca9353e5e3f963c7a674b3ac6a0bd1c3757e
https://github.com/apache/tomcat/commit/40e5880dfc51517334acda5f12beacdec52ca283
https://github.com/apache/tomcat/commit/4e97b367a97a356d2f8bb9986875e20d0807d32c
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2010-2227
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18532
https://svn.apache.org/viewvc?view=rev&rev=958911
https://svn.apache.org/viewvc?view=rev&rev=959428
http://support.apple.com/kb/HT5002
http://svn.apache.org/viewvc?view=revision&revision=958911
http://svn.apache.org/viewvc?view=revision&revision=958977
http://svn.apache.org/viewvc?view=revision&revision=959428
https://web.archive.org/web/20110213053623/http://secunia.com/advisories/43310
https://web.archive.org/web/20110220095703/http://secunia.com/advisories/42079
https://web.archive.org/web/20110220104410/http://secunia.com/advisories/40813
https://web.archive.org/web/20110220104426/http://secunia.com/advisories/41025
https://web.archive.org/web/20110220104430/http://secunia.com/advisories/42454
https://web.archive.org/web/20110712000328/http://secunia.com/advisories/42368
https://web.archive.org/web/20110713184518/http://secunia.com/advisories/44183
https://web.archive.org/web/20110716102842/http://www.securityfocus.com/archive/1/512272/100/0/threaded
https://web.archive.org/web/20110906004746/http://www.securityfocus.com/bid/41544
https://web.archive.org/web/20111119150528/http://www.securityfocus.com/archive/1/516397/100/0/threaded
https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126
https://web.archive.org/web/20161107200417/http://securitytracker.com/id?1024180
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.debian.org/security/2011/dsa-2207
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177
http://www.novell.com/support/viewContent.do?externalId=7007274
http://www.novell.com/support/viewContent.do?externalId=7007275
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
612799 https://bugzilla.redhat.com/show_bug.cgi?id=612799
CVE-2010-2227 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
GHSA-cxg2-49rq-8gcr https://github.com/advisories/GHSA-cxg2-49rq-8gcr
RHSA-2010:0584 https://access.redhat.com/errata/RHSA-2010:0584
RHSA-2010:0693 https://access.redhat.com/errata/RHSA-2010:0693
USN-976-1 https://usn.ubuntu.com/976-1/
Data source Metasploit
Description Slowloris tries to keep many connections to the target web server open and hold them open as long as possible. It accomplishes this by opening connections to the target web server and sending a partial request. Periodically, it will send subsequent HTTP headers, adding to-but never completing-the request. Affected servers will keep these connections open, filling their maximum concurrent connection pool, eventually denying additional connection attempts from clients.
Note 
{}
Ransomware campaign use Unknown
Source publication date June 17, 2009
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/slowloris.py
Exploit Prediction Scoring System (EPSS)
Percentile 0.98376
EPSS Score 0.64738
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T07:58:39.246525+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 37.0.0