[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2005-2090":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":28,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":50,"related":51,"reserved_at":9,"published_at":52,"modified_at":53,"state":54,"summary":55,"references_raw":63,"kevs":325,"epss":326,"epss_history":329,"metrics":540,"affected":545},"CVE-2005-2090","Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[19],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_50B4D9AD1F75DCD4","Exploit Reference (securiteam.com)","reference","http://www.securiteam.com/securityreviews/5GP0220G0U.html","unknown",0.2,false,[],[29],"GHSA-f2gq-p6qv-ccw4",[],[32,34,36,38,40,42,44,46,48],{"_key":33},"RHSA-2007:0326",{"_key":35},"RHSA-2007:0327",{"_key":37},"RHSA-2007:0328",{"_key":39},"RHSA-2007:0340",{"_key":41},"RHSA-2007:0360",{"_key":43},"RHSA-2007:1069",{"_key":45},"RHSA-2008:0261",{"_key":47},"RHSA-2008:0524",{"_key":49},"RHSA-2010:0602",[],[],"2005-06-30T04:00:00.000Z","2024-08-07T22:15:37.335Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":56,"epss_score":57,"severity":58,"severity_score":59,"severity_version":60,"severity_source":61,"severity_vector":62,"severity_status":54},"critical",0.71377,"medium",4.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:N/I:P/A:N",[64,73,78,84,90,96,101,107,111,115,119,123,128,132,137,142,146,150,154,159,163,169,173,177,181,185,190,194,198,202,207,211,216,220,224,228,232,236,240,244,248,252,256,260,264,268,272,276,280,284,289,293,297,301,305,309,313,317,321],{"url":65,"sources":66,"tags":69},"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html",[67,61,68],"cve.org","osv_maven",[70,71,72],"X Refsource CONFIRM","Third Party Advisory","WEB",{"url":74,"sources":75,"tags":76},"http://tomcat.apache.org/security-4.html",[67,61,68],[70,77,72],"Vendor Advisory",{"url":79,"sources":80,"tags":81},"http://secunia.com/advisories/30908",[67,61],[71,82,83],"X Refsource SECUNIA","Permissions Required",{"url":85,"sources":86,"tags":87},"http://lists.vmware.com/pipermail/security-announce/2008/000003.html",[67,61,68],[88,89,71,72],"Mailing List","X Refsource MLIST",{"url":91,"sources":92,"tags":93},"http://www.vupen.com/english/advisories/2007/2732",[67,61],[94,95,83],"VDB Entry","X Refsource VUPEN",{"url":97,"sources":98,"tags":99},"http://www.securityfocus.com/bid/13873",[67,61,68],[94,100,71,72],"X Refsource BID",{"url":102,"sources":103,"tags":104},"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1",[67,61,68],[77,105,106,72],"X Refsource SUNALERT","Broken Link",{"url":108,"sources":109,"tags":110},"http://www.vupen.com/english/advisories/2007/3087",[67,61],[94,95,83],{"url":112,"sources":113,"tags":114},"http://secunia.com/advisories/30899",[67,61],[71,82,83],{"url":116,"sources":117,"tags":118},"http://secunia.com/advisories/29242",[67,61],[71,82,83],{"url":120,"sources":121,"tags":122},"http://www.vupen.com/english/advisories/2008/1979/references",[67,61],[94,95,83],{"url":124,"sources":125,"tags":126},"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html",[67,61,68],[77,127,88,71,72],"X Refsource APPLE",{"url":129,"sources":130,"tags":131},"http://www.vupen.com/english/advisories/2008/0065",[67,61],[94,95,83],{"url":133,"sources":134,"tags":135},"http://www.securityfocus.com/archive/1/500412/100/0/threaded",[67,61,68],[88,136,71,94,72],"X Refsource BUGTRAQ",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html",[67,61,68],[77,141,71,72],"X Refsource SUSE",{"url":143,"sources":144,"tags":145},"http://secunia.com/advisories/33668",[67,61],[71,82,83],{"url":147,"sources":148,"tags":149},"http://www.securityfocus.com/archive/1/485938/100/0/threaded",[67,61,68],[88,136,71,94,72],{"url":151,"sources":152,"tags":153},"http://www.securityfocus.com/archive/1/500396/100/0/threaded",[67,61,68],[88,136,71,94,72],{"url":155,"sources":156,"tags":157},"http://www.redhat.com/support/errata/RHSA-2007-0360.html",[67,61,68],[77,158,71,72],"X Refsource REDHAT",{"url":160,"sources":161,"tags":162},"http://www.vupen.com/english/advisories/2009/0233",[67,61],[94,95,83],{"url":164,"sources":165,"tags":166},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499",[67,61,68],[94,167,168,71,72],"Signature","X Refsource OVAL",{"url":170,"sources":171,"tags":172},"http://secunia.com/advisories/28365",[67,61],[71,82,83],{"url":174,"sources":175,"tags":176},"http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm",[67,61,68],[70,71,72],{"url":178,"sources":179,"tags":180},"http://tomcat.apache.org/security-6.html",[67,61,68],[70,77,72],{"url":182,"sources":183,"tags":184},"http://www.vupen.com/english/advisories/2007/3386",[67,61],[94,95,83],{"url":23,"sources":186,"tags":187},[67,61,68],[188,189,71,72],"X Refsource MISC","Exploit",{"url":191,"sources":192,"tags":193},"http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf",[67,61],[188,71],{"url":195,"sources":196,"tags":197},"http://www.redhat.com/support/errata/RHSA-2007-0327.html",[67,61,68],[77,158,71,72],{"url":199,"sources":200,"tags":201},"http://secunia.com/advisories/27037",[67,61],[71,82,83],{"url":203,"sources":204,"tags":205},"http://securitytracker.com/id?1014365",[67,61,68],[94,206,71,72],"X Refsource SECTRACK",{"url":208,"sources":209,"tags":210},"http://docs.info.apple.com/article.html?artnum=306172",[67,61,68],[70,106,72],{"url":212,"sources":213,"tags":214},"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",[67,61],[77,215,106],"X Refsource HP",{"url":217,"sources":218,"tags":219},"http://tomcat.apache.org/security-5.html",[67,61,68],[70,77,72],{"url":221,"sources":222,"tags":223},"http://www.securityfocus.com/bid/25159",[67,61,68],[94,100,71,72],{"url":225,"sources":226,"tags":227},"http://secunia.com/advisories/26660",[67,61],[71,82,83],{"url":229,"sources":230,"tags":231},"http://www.redhat.com/support/errata/RHSA-2008-0261.html",[67,61,68],[77,158,71,72],{"url":233,"sources":234,"tags":235},"http://seclists.org/lists/bugtraq/2005/Jun/0025.html",[67,61,68],[88,136,71,72],{"url":237,"sources":238,"tags":239},"http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx",[67,61,68],[70,106,72],{"url":241,"sources":242,"tags":243},"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540",[67,61,68],[70,106,71,72],{"url":245,"sources":246,"tags":247},"http://secunia.com/advisories/26235",[67,61],[71,82,83],{"url":249,"sources":250,"tags":251},"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":253,"sources":254,"tags":255},"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":257,"sources":258,"tags":259},"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":261,"sources":262,"tags":263},"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":265,"sources":266,"tags":267},"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":269,"sources":270,"tags":271},"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":273,"sources":274,"tags":275},"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":277,"sources":278,"tags":279},"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":281,"sources":282,"tags":283},"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",[67,61],[88,89],{"url":285,"sources":286,"tags":287},"https://nvd.nist.gov/vuln/detail/CVE-2005-2090",[68],[288],"Advisory",{"url":290,"sources":291,"tags":292},"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":294,"sources":295,"tags":296},"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":298,"sources":299,"tags":300},"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":302,"sources":303,"tags":304},"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":306,"sources":307,"tags":308},"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":310,"sources":311,"tags":312},"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":314,"sources":315,"tags":316},"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":318,"sources":319,"tags":320},"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",[68],[72],{"url":322,"sources":323,"tags":324},"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E",[68],[72],[],{"date":327,"score":57,"percentile":328},"2026-06-04",0.98739,[330,334,337,339,342,344,346,348,350,352,354,356,358,360,362,365,367,369,372,374,376,378,380,383,385,387,389,392,396,399,402,404,407,409,411,413,416,419,421,423,425,428,430,432,435,438,440,442,444,447,449,451,454,456,459,461,464,466,468,471,473,476,479,481,483,485,487,489,492,494,496,498,500,502,504,506,509,511,513,515,517,520,522,524,526,528,530,532,535,537],{"date":331,"score":332,"percentile":333},"2025-11-04",0.8199,0.99154,{"date":335,"score":332,"percentile":336},"2025-11-05",0.99153,{"date":338,"score":332,"percentile":336},"2025-11-06",{"date":340,"score":332,"percentile":341},"2025-11-07",0.99152,{"date":343,"score":332,"percentile":336},"2025-11-08",{"date":345,"score":332,"percentile":336},"2025-11-09",{"date":347,"score":332,"percentile":336},"2025-11-10",{"date":349,"score":332,"percentile":341},"2025-11-11",{"date":351,"score":332,"percentile":336},"2025-11-12",{"date":353,"score":332,"percentile":336},"2025-11-13",{"date":355,"score":332,"percentile":341},"2025-11-14",{"date":357,"score":332,"percentile":341},"2025-11-15",{"date":359,"score":332,"percentile":341},"2025-11-16",{"date":361,"score":332,"percentile":341},"2025-11-17",{"date":363,"score":332,"percentile":364},"2025-11-18",0.99282,{"date":366,"score":332,"percentile":364},"2025-11-19",{"date":368,"score":332,"percentile":364},"2025-11-20",{"date":370,"score":332,"percentile":371},"2025-11-21",0.99155,{"date":373,"score":332,"percentile":371},"2025-11-22",{"date":375,"score":332,"percentile":333},"2025-11-23",{"date":377,"score":332,"percentile":333},"2025-11-24",{"date":379,"score":332,"percentile":371},"2025-11-25",{"date":381,"score":332,"percentile":382},"2025-11-26",0.99156,{"date":384,"score":332,"percentile":382},"2025-11-27",{"date":386,"score":332,"percentile":382},"2025-11-28",{"date":388,"score":332,"percentile":382},"2025-11-29",{"date":390,"score":332,"percentile":391},"2025-11-30",0.99157,{"date":393,"score":394,"percentile":395},"2025-12-01",0.67975,0.98522,{"date":397,"score":394,"percentile":398},"2025-12-02",0.98523,{"date":400,"score":394,"percentile":401},"2025-12-03",0.98524,{"date":403,"score":332,"percentile":382},"2025-12-04",{"date":405,"score":332,"percentile":406},"2025-12-05",0.99158,{"date":408,"score":332,"percentile":406},"2025-12-06",{"date":410,"score":332,"percentile":406},"2025-12-07",{"date":412,"score":332,"percentile":406},"2025-12-08",{"date":414,"score":332,"percentile":415},"2025-12-09",0.99159,{"date":417,"score":332,"percentile":418},"2025-12-10",0.9916,{"date":420,"score":332,"percentile":418},"2025-12-11",{"date":422,"score":332,"percentile":418},"2025-12-12",{"date":424,"score":332,"percentile":418},"2025-12-13",{"date":426,"score":332,"percentile":427},"2025-12-14",0.99161,{"date":429,"score":332,"percentile":418},"2025-12-15",{"date":431,"score":332,"percentile":427},"2025-12-16",{"date":433,"score":332,"percentile":434},"2025-12-17",0.99163,{"date":436,"score":332,"percentile":437},"2025-12-18",0.99162,{"date":439,"score":332,"percentile":427},"2025-12-19",{"date":441,"score":332,"percentile":434},"2025-12-20",{"date":443,"score":332,"percentile":437},"2025-12-21",{"date":445,"score":332,"percentile":446},"2025-12-22",0.99164,{"date":448,"score":332,"percentile":434},"2025-12-23",{"date":450,"score":332,"percentile":446},"2025-12-24",{"date":452,"score":332,"percentile":453},"2025-12-25",0.99165,{"date":455,"score":332,"percentile":446},"2025-12-26",{"date":457,"score":332,"percentile":458},"2025-12-27",0.99167,{"date":460,"score":332,"percentile":453},"2025-12-28",{"date":462,"score":332,"percentile":463},"2025-12-29",0.99166,{"date":465,"score":332,"percentile":453},"2025-12-30",{"date":467,"score":332,"percentile":463},"2025-12-31",{"date":469,"score":394,"percentile":470},"2026-01-01",0.98538,{"date":472,"score":394,"percentile":470},"2026-01-02",{"date":474,"score":394,"percentile":475},"2026-01-03",0.98537,{"date":477,"score":332,"percentile":478},"2026-01-04",0.99168,{"date":480,"score":332,"percentile":478},"2026-01-05",{"date":482,"score":332,"percentile":458},"2026-01-06",{"date":484,"score":332,"percentile":458},"2026-01-07",{"date":486,"score":332,"percentile":478},"2026-01-08",{"date":488,"score":332,"percentile":478},"2026-01-09",{"date":490,"score":332,"percentile":491},"2026-01-10",0.99169,{"date":493,"score":332,"percentile":463},"2026-01-11",{"date":495,"score":332,"percentile":463},"2026-01-12",{"date":497,"score":332,"percentile":463},"2026-01-13",{"date":499,"score":332,"percentile":478},"2026-01-14",{"date":501,"score":332,"percentile":478},"2026-01-15",{"date":503,"score":332,"percentile":491},"2026-01-16",{"date":505,"score":332,"percentile":478},"2026-01-17",{"date":507,"score":332,"percentile":508},"2026-01-18",0.9917,{"date":510,"score":332,"percentile":491},"2026-01-19",{"date":512,"score":332,"percentile":491},"2026-01-20",{"date":514,"score":332,"percentile":491},"2026-01-21",{"date":516,"score":332,"percentile":491},"2026-01-22",{"date":518,"score":332,"percentile":519},"2026-01-23",0.99171,{"date":521,"score":332,"percentile":508},"2026-01-24",{"date":523,"score":332,"percentile":508},"2026-01-25",{"date":525,"score":332,"percentile":491},"2026-01-26",{"date":527,"score":332,"percentile":508},"2026-01-27",{"date":529,"score":332,"percentile":508},"2026-01-28",{"date":531,"score":332,"percentile":519},"2026-01-29",{"date":533,"score":332,"percentile":534},"2026-01-30",0.99172,{"date":536,"score":332,"percentile":534},"2026-01-31",{"date":538,"score":394,"percentile":539},"2026-02-01",0.98555,[541],{"source":61,"cvss_v2_0":542,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":59,"baseSeverity":9,"vectorString":62,"impactScore":543,"exploitabilityScore":544},2.9,8.6,[546,554],{"ecosystem":9,"name":547,"vendor":9,"product":547,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"Tomcat",[549,552],{"version":550,"is_range":26,"range_type":551,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.24","cpe",{"version":553,"is_range":26,"range_type":551,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.19",{"ecosystem":555,"name":556,"vendor":557,"product":558,"cpe_part":9,"purl_type":559,"purl_namespace":557,"purl_name":558,"source":9,"versions":560},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[561,567],{"version":562,"is_range":563,"range_type":564,"version_start":565,"version_start_type":566,"version_end":553,"version_end_type":566,"fixed_in":9},"gte5_0_0_lte5_0_19",true,"ecosystem","5.0.0","including",{"version":568,"is_range":563,"range_type":564,"version_start":569,"version_start_type":566,"version_end":550,"version_end_type":566,"fixed_in":9},"gte4_0_0_lte4_1_24","4.0.0"]