[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2008-0128":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":32,"related":33,"reserved_at":9,"published_at":34,"modified_at":35,"state":36,"summary":37,"references_raw":46,"kevs":151,"epss":152,"epss_history":155,"metrics":406,"affected":411},"CVE-2008-0128","The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-16","Configuration","Weaknesses in this category are typically introduced during the configuration of the software.","category","Obsolete",[],[],[],[],[22,24,26,28,30],{"_key":23},"RHSA-2008:0261",{"_key":25},"RHSA-2008:0524",{"_key":27},"RHSA-2008:0630",{"_key":29},"RHSA-2010:0602",{"_key":31},"DSA-1468-1",[],[],"2008-01-23T01:00:00.000Z","2024-08-07T07:32:23.929Z","Modified",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":39,"epss_score":40,"severity":41,"severity_score":42,"severity_version":43,"severity_source":44,"severity_vector":45,"severity_status":36},false,"low",0.03966,"medium",5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:N/A:N",[47,54,60,65,71,75,81,86,91,95,99,103,108,113,117,122,126,130,134,138,143,147],{"url":48,"sources":49,"tags":51},"http://rhn.redhat.com/errata/RHSA-2008-0630.html",[50,44],"cve.org",[52,53],"Vendor Advisory","X Refsource REDHAT",{"url":55,"sources":56,"tags":57},"http://www.securityfocus.com/bid/27365",[50,44],[58,59],"VDB Entry","X Refsource BID",{"url":61,"sources":62,"tags":63},"http://security-tracker.debian.net/tracker/CVE-2008-0128",[50,44],[64],"X Refsource CONFIRM",{"url":66,"sources":67,"tags":68},"http://secunia.com/advisories/31493",[50,44],[69,70],"Third Party Advisory","X Refsource SECUNIA",{"url":72,"sources":73,"tags":74},"http://secunia.com/advisories/29242",[50,44],[69,70],{"url":76,"sources":77,"tags":78},"http://www.securityfocus.com/archive/1/500412/100/0/threaded",[50,44],[79,80],"Mailing List","X Refsource BUGTRAQ",{"url":82,"sources":83,"tags":84},"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html",[50,44],[52,85],"X Refsource SUSE",{"url":87,"sources":88,"tags":89},"http://issues.apache.org/bugzilla/show_bug.cgi?id=41217",[50,44],[64,90],"Patch",{"url":92,"sources":93,"tags":94},"http://secunia.com/advisories/33668",[50,44],[69,70],{"url":96,"sources":97,"tags":98},"http://www.securityfocus.com/archive/1/500396/100/0/threaded",[50,44],[79,80],{"url":100,"sources":101,"tags":102},"http://secunia.com/advisories/28549",[50,44],[69,70,52],{"url":104,"sources":105,"tags":106},"https://exchange.xforce.ibmcloud.com/vulnerabilities/39804",[50,44],[58,107],"X Refsource XF",{"url":109,"sources":110,"tags":111},"http://www.vupen.com/english/advisories/2008/0192",[50,44],[58,112],"X Refsource VUPEN",{"url":114,"sources":115,"tags":116},"http://www.vupen.com/english/advisories/2009/0233",[50,44],[58,112],{"url":118,"sources":119,"tags":120},"http://www.debian.org/security/2008/dsa-1468",[50,44],[52,121],"X Refsource DEBIAN",{"url":123,"sources":124,"tags":125},"http://www.redhat.com/support/errata/RHSA-2008-0261.html",[50,44],[52,53],{"url":127,"sources":128,"tags":129},"http://secunia.com/advisories/28552",[50,44],[69,70,52],{"url":131,"sources":132,"tags":133},"http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx",[50,44],[64],{"url":135,"sources":136,"tags":137},"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540",[50,44],[64],{"url":139,"sources":140,"tags":141},"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E",[50,44],[79,142],"X Refsource MLIST",{"url":144,"sources":145,"tags":146},"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E",[50,44],[79,142],{"url":148,"sources":149,"tags":150},"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E",[50,44],[79,142],[],{"date":153,"score":40,"percentile":154},"2026-06-04",0.88585,[156,160,163,166,169,172,175,178,181,184,187,190,193,196,198,201,204,207,210,213,216,218,221,223,226,229,232,235,238,241,244,247,250,252,254,256,259,262,265,268,270,273,276,278,281,284,287,289,292,294,296,299,302,305,309,312,314,317,319,322,325,328,331,333,336,339,341,343,346,348,350,352,355,358,361,364,366,369,372,375,378,381,384,387,390,393,396,399,401,403],{"date":157,"score":158,"percentile":159},"2025-11-04",0.03858,0.87705,{"date":161,"score":158,"percentile":162},"2025-11-05",0.87707,{"date":164,"score":158,"percentile":165},"2025-11-06",0.87696,{"date":167,"score":158,"percentile":168},"2025-11-07",0.87701,{"date":170,"score":158,"percentile":171},"2025-11-08",0.87704,{"date":173,"score":158,"percentile":174},"2025-11-09",0.87699,{"date":176,"score":158,"percentile":177},"2025-11-10",0.87698,{"date":179,"score":158,"percentile":180},"2025-11-11",0.87703,{"date":182,"score":158,"percentile":183},"2025-11-12",0.87709,{"date":185,"score":158,"percentile":186},"2025-11-13",0.87714,{"date":188,"score":158,"percentile":189},"2025-11-14",0.87718,{"date":191,"score":158,"percentile":192},"2025-11-15",0.87712,{"date":194,"score":158,"percentile":195},"2025-11-16",0.87717,{"date":197,"score":158,"percentile":186},"2025-11-17",{"date":199,"score":158,"percentile":200},"2025-11-18",0.87085,{"date":202,"score":158,"percentile":203},"2025-11-19",0.87088,{"date":205,"score":158,"percentile":206},"2025-11-20",0.87091,{"date":208,"score":158,"percentile":209},"2025-11-21",0.87731,{"date":211,"score":158,"percentile":212},"2025-11-22",0.87727,{"date":214,"score":158,"percentile":215},"2025-11-23",0.87723,{"date":217,"score":158,"percentile":215},"2025-11-24",{"date":219,"score":158,"percentile":220},"2025-11-25",0.87725,{"date":222,"score":158,"percentile":215},"2025-11-26",{"date":224,"score":158,"percentile":225},"2025-11-27",0.87724,{"date":227,"score":158,"percentile":228},"2025-11-28",0.87711,{"date":230,"score":158,"percentile":231},"2025-11-29",0.87785,{"date":233,"score":158,"percentile":234},"2025-11-30",0.87783,{"date":236,"score":158,"percentile":237},"2025-12-01",0.87844,{"date":239,"score":158,"percentile":240},"2025-12-02",0.87847,{"date":242,"score":158,"percentile":243},"2025-12-03",0.87846,{"date":245,"score":158,"percentile":246},"2025-12-04",0.87782,{"date":248,"score":158,"percentile":249},"2025-12-05",0.87784,{"date":251,"score":158,"percentile":246},"2025-12-06",{"date":253,"score":158,"percentile":246},"2025-12-07",{"date":255,"score":158,"percentile":234},"2025-12-08",{"date":257,"score":158,"percentile":258},"2025-12-09",0.87797,{"date":260,"score":158,"percentile":261},"2025-12-10",0.87812,{"date":263,"score":158,"percentile":264},"2025-12-11",0.87817,{"date":266,"score":158,"percentile":267},"2025-12-12",0.87824,{"date":269,"score":158,"percentile":267},"2025-12-13",{"date":271,"score":158,"percentile":272},"2025-12-14",0.87821,{"date":274,"score":158,"percentile":275},"2025-12-15",0.87819,{"date":277,"score":158,"percentile":267},"2025-12-16",{"date":279,"score":158,"percentile":280},"2025-12-17",0.87827,{"date":282,"score":158,"percentile":283},"2025-12-18",0.87835,{"date":285,"score":158,"percentile":286},"2025-12-19",0.87837,{"date":288,"score":158,"percentile":286},"2025-12-20",{"date":290,"score":158,"percentile":291},"2025-12-21",0.87842,{"date":293,"score":158,"percentile":291},"2025-12-22",{"date":295,"score":158,"percentile":243},"2025-12-23",{"date":297,"score":158,"percentile":298},"2025-12-24",0.8785,{"date":300,"score":158,"percentile":301},"2025-12-25",0.87863,{"date":303,"score":158,"percentile":304},"2025-12-26",0.8786,{"date":306,"score":307,"percentile":308},"2025-12-27",0.02898,0.85971,{"date":310,"score":158,"percentile":311},"2025-12-28",0.87848,{"date":313,"score":158,"percentile":291},"2025-12-29",{"date":315,"score":158,"percentile":316},"2025-12-30",0.87851,{"date":318,"score":158,"percentile":301},"2025-12-31",{"date":320,"score":158,"percentile":321},"2026-01-01",0.87922,{"date":323,"score":158,"percentile":324},"2026-01-02",0.87916,{"date":326,"score":158,"percentile":327},"2026-01-03",0.87914,{"date":329,"score":158,"percentile":330},"2026-01-04",0.87852,{"date":332,"score":158,"percentile":298},"2026-01-05",{"date":334,"score":158,"percentile":335},"2026-01-06",0.87854,{"date":337,"score":158,"percentile":338},"2026-01-07",0.87855,{"date":340,"score":158,"percentile":304},"2026-01-08",{"date":342,"score":158,"percentile":304},"2026-01-09",{"date":344,"score":158,"percentile":345},"2026-01-10",0.87861,{"date":347,"score":158,"percentile":335},"2026-01-11",{"date":349,"score":158,"percentile":330},"2026-01-12",{"date":351,"score":158,"percentile":298},"2026-01-13",{"date":353,"score":158,"percentile":354},"2026-01-14",0.87864,{"date":356,"score":158,"percentile":357},"2026-01-15",0.87865,{"date":359,"score":158,"percentile":360},"2026-01-16",0.87869,{"date":362,"score":158,"percentile":363},"2026-01-17",0.8787,{"date":365,"score":158,"percentile":363},"2026-01-18",{"date":367,"score":158,"percentile":368},"2026-01-19",0.87868,{"date":370,"score":158,"percentile":371},"2026-01-20",0.87867,{"date":373,"score":158,"percentile":374},"2026-01-21",0.87872,{"date":376,"score":158,"percentile":377},"2026-01-22",0.87877,{"date":379,"score":158,"percentile":380},"2026-01-23",0.87889,{"date":382,"score":158,"percentile":383},"2026-01-24",0.87896,{"date":385,"score":158,"percentile":386},"2026-01-25",0.87892,{"date":388,"score":158,"percentile":389},"2026-01-26",0.87891,{"date":391,"score":158,"percentile":392},"2026-01-27",0.87893,{"date":394,"score":158,"percentile":395},"2026-01-28",0.87894,{"date":397,"score":158,"percentile":398},"2026-01-29",0.879,{"date":400,"score":158,"percentile":398},"2026-01-30",{"date":402,"score":158,"percentile":383},"2026-01-31",{"date":404,"score":158,"percentile":405},"2026-02-01",0.87966,[407],{"source":44,"cvss_v2_0":408,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":42,"baseSeverity":9,"vectorString":45,"impactScore":409,"exploitabilityScore":410},2.9,10,[412],{"ecosystem":9,"name":413,"vendor":9,"product":413,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":414},"Tomcat",[415],{"version":416,"is_range":417,"range_type":418,"version_start":9,"version_start_type":9,"version_end":419,"version_end_type":420,"fixed_in":9},"lte5.5.20",true,"cpe","5.5.20","including"]