[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-1976":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":195,"aliases":196,"duplicate_of":9,"upstream":197,"downstream":198,"duplicates":219,"related":220,"reserved_at":9,"published_at":227,"modified_at":228,"state":229,"summary":230,"references_raw":239,"kevs":269,"epss":270,"epss_history":273,"metrics":538,"affected":543},"CVE-2013-1976","The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-59","Improper Link Resolution Before File Access ('Link Following')","The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.","weakness","Draft","Base","Medium",[20,101,162,191],{"id":21,"name":22,"techniques":23},"CAPEC-132","Symlink Attack",[24],{"id":25,"name":26,"tactics":27,"countermeasures":34},"T1547.009","Shortcut Modification",[28,31],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",[35,40,44,48,52,57,62,67,72,77,81,85,89,93,97],{"id":36,"name":37,"tactic":38},"D3-FA","File Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-FIM","File Integrity Monitoring",{"name":39},{"id":45,"name":46,"tactic":47},"D3-DA","Dynamic Analysis",{"name":39},{"id":49,"name":50,"tactic":51},"D3-EFA","Emulated File Analysis",{"name":39},{"id":53,"name":54,"tactic":55},"D3-FEV","File Eviction",{"name":56},"Evict",{"id":58,"name":59,"tactic":60},"D3-DF","Decoy File",{"name":61},"Deceive",{"id":63,"name":64,"tactic":65},"D3-FE","File Encryption",{"name":66},"Harden",{"id":68,"name":69,"tactic":70},"D3-RF","Restore File",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CF","Content Filtering",{"name":76},"Isolate",{"id":78,"name":79,"tactic":80},"D3-LFP","Local File Permissions",{"name":76},{"id":82,"name":83,"tactic":84},"D3-RFAM","Remote File Access Mediation",{"name":76},{"id":86,"name":87,"tactic":88},"D3-CQ","Content Quarantine",{"name":76},{"id":90,"name":91,"tactic":92},"D3-CM","Content Modification",{"name":76},{"id":94,"name":95,"tactic":96},"D3-EAL","Executable Allowlisting",{"name":76},{"id":98,"name":99,"tactic":100},"D3-EDL","Executable Denylisting",{"name":76},{"id":102,"name":103,"techniques":104},"CAPEC-17","Using Malicious Files",[105,142],{"id":106,"name":107,"tactics":108,"countermeasures":120},"T1574.005","Executable Installer File Permissions Weakness",[109,110,111,114,117],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},"TA0030","Defense Evasion",{"id":115,"name":116},"TA0005","Stealth",{"id":118,"name":119},"TA0104","Execution",[121,126,130,134,138],{"id":122,"name":123,"tactic":124},"D3-SWI","Software Inventory",{"name":125},"Model",{"id":127,"name":128,"tactic":129},"D3-AVE","Asset Vulnerability Enumeration",{"name":125},{"id":131,"name":132,"tactic":133},"D3-SBV","Service Binary Verification",{"name":39},{"id":135,"name":136,"tactic":137},"D3-SU","Software Update",{"name":66},{"id":139,"name":140,"tactic":141},"D3-RS","Restore Software",{"name":71},{"id":143,"name":144,"tactics":145,"countermeasures":151},"T1574.010","Services File Permissions Weakness",[146,147,148,149,150],{"id":29,"name":30},{"id":32,"name":33},{"id":112,"name":113},{"id":115,"name":116},{"id":118,"name":119},[152,154,156,158,160],{"id":122,"name":123,"tactic":153},{"name":125},{"id":127,"name":128,"tactic":155},{"name":125},{"id":131,"name":132,"tactic":157},{"name":39},{"id":135,"name":136,"tactic":159},{"name":66},{"id":139,"name":140,"tactic":161},{"name":71},{"id":163,"name":164,"techniques":165},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[166,173,180],{"id":167,"name":168,"tactics":169,"countermeasures":172},"T1027.006","HTML Smuggling",[170,171],{"id":112,"name":113},{"id":115,"name":116},[],{"id":174,"name":175,"tactics":176,"countermeasures":179},"T1027.009","Embedded Payloads",[177,178],{"id":112,"name":113},{"id":115,"name":116},[],{"id":181,"name":182,"tactics":183,"countermeasures":186},"T1564.009","Resource Forking",[184,185],{"id":112,"name":113},{"id":115,"name":116},[187],{"id":188,"name":189,"tactic":190},"D3-FFV","File Format Verification",{"name":76},{"id":192,"name":193,"techniques":194},"CAPEC-76","Manipulating Web Input to File System Calls",[],[],[],[],[199,201,203,205,207,209,211,213,215,217],{"_key":200},"RHSA-2013:0869",{"_key":202},"RHSA-2013:0870",{"_key":204},"RHSA-2013:0871",{"_key":206},"RHSA-2013:0872",{"_key":208},"SUSE-RU-2023:3956-1",{"_key":210},"SUSE-RU-2023:4991-1",{"_key":212},"OPENSUSE-SU-2024:10153-1",{"_key":214},"OPENSUSE-SU-2024:10446-1",{"_key":216},"OPENSUSE-SU-2024:13441-1",{"_key":218},"MGASA-2014-0082",[],[221,222,223,224,225,226],{"_key":208},{"_key":210},{"_key":212},{"_key":214},{"_key":216},{"_key":218},"2013-07-09T17:00:00.000Z","2024-08-06T15:20:37.484Z","Modified",{"cisa_kev":231,"cisa_ransomware":231,"cisa_vendor":9,"epss_severity":232,"epss_score":233,"severity":234,"severity_score":235,"severity_version":236,"severity_source":237,"severity_vector":238,"severity_status":229},false,"low",0.00033,"medium",6.9,"v2.0","nvd","AV:L/AC:M/Au:N/C:C/I:C/A:C",[240,247,251,256,260,264],{"url":241,"sources":242,"tags":244},"http://rhn.redhat.com/errata/RHSA-2013-0871.html",[243,237],"cve.org",[245,246],"Vendor Advisory","X Refsource REDHAT",{"url":248,"sources":249,"tags":250},"http://rhn.redhat.com/errata/RHSA-2013-0869.html",[243,237],[245,246],{"url":252,"sources":253,"tags":254},"https://bugzilla.redhat.com/show_bug.cgi?id=927622",[243,237],[255,245],"X Refsource CONFIRM",{"url":257,"sources":258,"tags":259},"http://rhn.redhat.com/errata/RHSA-2013-0870.html",[243,237],[245,246],{"url":261,"sources":262,"tags":263},"http://rhn.redhat.com/errata/RHSA-2013-0872.html",[243,237],[245,246],{"url":265,"sources":266,"tags":267},"http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html",[243,237],[245,268],"X Refsource SUSE",[],{"date":271,"score":233,"percentile":272},"2026-06-04",0.102,[274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,328,331,334,337,340,343,346,349,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,432,435,438,441,444,446,449,452,455,457,460,463,466,469,471,474,477,479,482,485,488,491,494,497,500,503,506,509,512,515,518,521,523,526,529,532,535],{"date":275,"score":233,"percentile":276},"2025-11-04",0.0874,{"date":278,"score":233,"percentile":279},"2025-11-05",0.0875,{"date":281,"score":233,"percentile":282},"2025-11-06",0.08872,{"date":284,"score":233,"percentile":285},"2025-11-07",0.0889,{"date":287,"score":233,"percentile":288},"2025-11-08",0.08889,{"date":290,"score":233,"percentile":291},"2025-11-09",0.08859,{"date":293,"score":233,"percentile":294},"2025-11-10",0.08817,{"date":296,"score":233,"percentile":297},"2025-11-11",0.08847,{"date":299,"score":233,"percentile":300},"2025-11-12",0.08886,{"date":302,"score":233,"percentile":303},"2025-11-13",0.08927,{"date":305,"score":233,"percentile":306},"2025-11-14",0.0896,{"date":308,"score":233,"percentile":309},"2025-11-15",0.08989,{"date":311,"score":233,"percentile":312},"2025-11-16",0.08995,{"date":314,"score":233,"percentile":315},"2025-11-17",0.08984,{"date":317,"score":233,"percentile":318},"2025-11-18",0.05338,{"date":320,"score":233,"percentile":321},"2025-11-19",0.05366,{"date":323,"score":233,"percentile":324},"2025-11-20",0.05411,{"date":326,"score":233,"percentile":327},"2025-11-21",0.09066,{"date":329,"score":233,"percentile":330},"2025-11-22",0.09012,{"date":332,"score":233,"percentile":333},"2025-11-23",0.08987,{"date":335,"score":233,"percentile":336},"2025-11-24",0.08975,{"date":338,"score":233,"percentile":339},"2025-11-25",0.08971,{"date":341,"score":233,"percentile":342},"2025-11-26",0.08978,{"date":344,"score":233,"percentile":345},"2025-11-27",0.08985,{"date":347,"score":233,"percentile":348},"2025-11-28",0.08961,{"date":350,"score":233,"percentile":312},"2025-11-29",{"date":352,"score":233,"percentile":353},"2025-11-30",0.09003,{"date":355,"score":233,"percentile":356},"2025-12-01",0.09047,{"date":358,"score":233,"percentile":359},"2025-12-02",0.09062,{"date":361,"score":233,"percentile":362},"2025-12-03",0.09091,{"date":364,"score":233,"percentile":365},"2025-12-04",0.09086,{"date":367,"score":233,"percentile":368},"2025-12-05",0.09141,{"date":370,"score":233,"percentile":371},"2025-12-06",0.09155,{"date":373,"score":233,"percentile":374},"2025-12-07",0.09162,{"date":376,"score":233,"percentile":377},"2025-12-08",0.09166,{"date":379,"score":233,"percentile":380},"2025-12-09",0.09225,{"date":382,"score":233,"percentile":383},"2025-12-10",0.09302,{"date":385,"score":233,"percentile":386},"2025-12-11",0.0934,{"date":388,"score":233,"percentile":389},"2025-12-12",0.09365,{"date":391,"score":233,"percentile":392},"2025-12-13",0.09373,{"date":394,"score":233,"percentile":395},"2025-12-14",0.09366,{"date":397,"score":233,"percentile":398},"2025-12-15",0.09282,{"date":400,"score":233,"percentile":401},"2025-12-16",0.09267,{"date":403,"score":233,"percentile":404},"2025-12-17",0.09353,{"date":406,"score":233,"percentile":407},"2025-12-18",0.09408,{"date":409,"score":233,"percentile":410},"2025-12-19",0.09415,{"date":412,"score":233,"percentile":413},"2025-12-20",0.09411,{"date":415,"score":233,"percentile":416},"2025-12-21",0.09391,{"date":418,"score":233,"percentile":419},"2025-12-22",0.09356,{"date":421,"score":233,"percentile":422},"2025-12-23",0.09328,{"date":424,"score":233,"percentile":425},"2025-12-24",0.09335,{"date":427,"score":233,"percentile":428},"2025-12-25",0.09419,{"date":430,"score":233,"percentile":431},"2025-12-26",0.09405,{"date":433,"score":233,"percentile":434},"2025-12-27",0.09367,{"date":436,"score":233,"percentile":437},"2025-12-28",0.09404,{"date":439,"score":233,"percentile":440},"2025-12-29",0.09368,{"date":442,"score":233,"percentile":443},"2025-12-30",0.09351,{"date":445,"score":233,"percentile":437},"2025-12-31",{"date":447,"score":233,"percentile":448},"2026-01-01",0.09442,{"date":450,"score":233,"percentile":451},"2026-01-02",0.09439,{"date":453,"score":233,"percentile":454},"2026-01-03",0.09429,{"date":456,"score":233,"percentile":419},"2026-01-04",{"date":458,"score":233,"percentile":459},"2026-01-05",0.09315,{"date":461,"score":233,"percentile":462},"2026-01-06",0.09292,{"date":464,"score":233,"percentile":465},"2026-01-07",0.09326,{"date":467,"score":233,"percentile":468},"2026-01-08",0.09385,{"date":470,"score":233,"percentile":437},"2026-01-09",{"date":472,"score":233,"percentile":473},"2026-01-10",0.09421,{"date":475,"score":233,"percentile":476},"2026-01-11",0.0937,{"date":478,"score":233,"percentile":443},"2026-01-12",{"date":480,"score":233,"percentile":481},"2026-01-13",0.09322,{"date":483,"score":233,"percentile":484},"2026-01-14",0.09377,{"date":486,"score":233,"percentile":487},"2026-01-15",0.09388,{"date":489,"score":233,"percentile":490},"2026-01-16",0.09428,{"date":492,"score":233,"percentile":493},"2026-01-17",0.09438,{"date":495,"score":233,"percentile":496},"2026-01-18",0.09399,{"date":498,"score":233,"percentile":499},"2026-01-19",0.09357,{"date":501,"score":233,"percentile":502},"2026-01-20",0.09331,{"date":504,"score":233,"percentile":505},"2026-01-21",0.09298,{"date":507,"score":233,"percentile":508},"2026-01-22",0.09285,{"date":510,"score":233,"percentile":511},"2026-01-23",0.09376,{"date":513,"score":233,"percentile":514},"2026-01-24",0.09433,{"date":516,"score":233,"percentile":517},"2026-01-25",0.09354,{"date":519,"score":233,"percentile":520},"2026-01-26",0.09316,{"date":522,"score":233,"percentile":505},"2026-01-27",{"date":524,"score":233,"percentile":525},"2026-01-28",0.09279,{"date":527,"score":233,"percentile":528},"2026-01-29",0.09264,{"date":530,"score":233,"percentile":531},"2026-01-30",0.09274,{"date":533,"score":233,"percentile":534},"2026-01-31",0.09276,{"date":536,"score":233,"percentile":537},"2026-02-01",0.09299,[539],{"source":237,"cvss_v2_0":540,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":235,"baseSeverity":9,"vectorString":238,"impactScore":541,"exploitabilityScore":542},10,3.4,[544,555],{"ecosystem":9,"name":545,"vendor":546,"product":547,"cpe_part":548,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":549},"enterprise linux","redhat","enterprise_linux","o",[550,553],{"version":551,"is_range":231,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5","cpe",{"version":554,"is_range":231,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"ecosystem":9,"name":556,"vendor":546,"product":557,"cpe_part":558,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":559},"jboss enterprise web server","jboss_enterprise_web_server","a",[560,562],{"version":561,"is_range":231,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.0.2",{"version":563,"is_range":231,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0"]