[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-4286":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":531,"aliases":532,"duplicate_of":9,"upstream":534,"downstream":535,"duplicates":560,"related":563,"reserved_at":9,"published_at":566,"modified_at":567,"state":568,"summary":569,"references_raw":578,"kevs":887,"epss":888,"epss_history":891,"metrics":1138,"affected":1143},"CVE-2013-4286","Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a \"Transfer-Encoding: chunked\" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-20","Improper Input Validation","The product receives input or data, but it does\n        not validate or incorrectly validates that the input has the\n        properties that are required to process the data safely and\n        correctly.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,232,236,240,244,248,252,256,260,264,268,272,276,280,284,325,329,333,381,385,389,393,397,401,451,455,459,463,467,471,475,479,483,487,491,495,499,503,507,511,515,519,523,527],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-101","Server Side Include (SSI) Injection",[],{"id":29,"name":30,"techniques":31},"CAPEC-104","Cross Zone Scripting",[],{"id":33,"name":34,"techniques":35},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-109","Object Relational Mapping Injection",[],{"id":41,"name":42,"techniques":43},"CAPEC-110","SQL Injection through SOAP Parameter Tampering",[],{"id":45,"name":46,"techniques":47},"CAPEC-120","Double Encoding",[],{"id":49,"name":50,"techniques":51},"CAPEC-13","Subverting Environment Variable Values",[52,150,192],{"id":53,"name":54,"tactics":55,"countermeasures":62},"T1562.003","Impair Command History Logging",[56,59],{"id":57,"name":58},"TA0030","Defense Evasion",{"id":60,"name":61},"TA0005","Stealth",[63,68,73,77,81,85,90,94,99,104,108,112,117,121,126,130,134,138,142,146],{"id":64,"name":65,"tactic":66},"D3-CI","Configuration Inventory",{"name":67},"Model",{"id":69,"name":70,"tactic":71},"D3-FA","File Analysis",{"name":72},"Detect",{"id":74,"name":75,"tactic":76},"D3-FIM","File Integrity Monitoring",{"name":72},{"id":78,"name":79,"tactic":80},"D3-DA","Dynamic Analysis",{"name":72},{"id":82,"name":83,"tactic":84},"D3-EFA","Emulated File Analysis",{"name":72},{"id":86,"name":87,"tactic":88},"D3-FEV","File Eviction",{"name":89},"Evict",{"id":91,"name":92,"tactic":93},"D3-RKD","Registry Key Deletion",{"name":89},{"id":95,"name":96,"tactic":97},"D3-DF","Decoy File",{"name":98},"Deceive",{"id":100,"name":101,"tactic":102},"D3-DRA","Disable Remote Access",{"name":103},"Harden",{"id":105,"name":106,"tactic":107},"D3-ACH","Application Configuration Hardening",{"name":103},{"id":109,"name":110,"tactic":111},"D3-FE","File Encryption",{"name":103},{"id":113,"name":114,"tactic":115},"D3-RC","Restore Configuration",{"name":116},"Restore",{"id":118,"name":119,"tactic":120},"D3-RF","Restore File",{"name":116},{"id":122,"name":123,"tactic":124},"D3-CQ","Content Quarantine",{"name":125},"Isolate",{"id":127,"name":128,"tactic":129},"D3-CF","Content Filtering",{"name":125},{"id":131,"name":132,"tactic":133},"D3-LFP","Local File Permissions",{"name":125},{"id":135,"name":136,"tactic":137},"D3-RFAM","Remote File Access Mediation",{"name":125},{"id":139,"name":140,"tactic":141},"D3-CM","Content Modification",{"name":125},{"id":143,"name":144,"tactic":145},"D3-EAL","Executable Allowlisting",{"name":125},{"id":147,"name":148,"tactic":149},"D3-EDL","Executable Denylisting",{"name":125},{"id":151,"name":152,"tactics":153,"countermeasures":165},"T1574.006","Dynamic Linker Hijacking",[154,157,160,161,162],{"id":155,"name":156},"TA0110","Persistence",{"id":158,"name":159},"TA0111","Privilege Escalation",{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},"TA0104","Execution",[166,170,172,174,176,178,180,182,184,186,188,190],{"id":167,"name":168,"tactic":169},"D3-SFA","System File Analysis",{"name":72},{"id":69,"name":70,"tactic":171},{"name":72},{"id":74,"name":75,"tactic":173},{"name":72},{"id":86,"name":87,"tactic":175},{"name":89},{"id":95,"name":96,"tactic":177},{"name":98},{"id":109,"name":110,"tactic":179},{"name":103},{"id":118,"name":119,"tactic":181},{"name":116},{"id":127,"name":128,"tactic":183},{"name":125},{"id":131,"name":132,"tactic":185},{"name":125},{"id":135,"name":136,"tactic":187},{"name":125},{"id":122,"name":123,"tactic":189},{"name":125},{"id":139,"name":140,"tactic":191},{"name":125},{"id":193,"name":194,"tactics":195,"countermeasures":201},"T1574.007","Path Interception by PATH Environment Variable",[196,197,198,199,200],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[202,204,206,208,210,212,214,216,218,220,222,224,226,228,230],{"id":69,"name":70,"tactic":203},{"name":72},{"id":74,"name":75,"tactic":205},{"name":72},{"id":78,"name":79,"tactic":207},{"name":72},{"id":82,"name":83,"tactic":209},{"name":72},{"id":86,"name":87,"tactic":211},{"name":89},{"id":95,"name":96,"tactic":213},{"name":98},{"id":109,"name":110,"tactic":215},{"name":103},{"id":118,"name":119,"tactic":217},{"name":116},{"id":127,"name":128,"tactic":219},{"name":125},{"id":131,"name":132,"tactic":221},{"name":125},{"id":135,"name":136,"tactic":223},{"name":125},{"id":122,"name":123,"tactic":225},{"name":125},{"id":139,"name":140,"tactic":227},{"name":125},{"id":143,"name":144,"tactic":229},{"name":125},{"id":147,"name":148,"tactic":231},{"name":125},{"id":233,"name":234,"techniques":235},"CAPEC-135","Format String Injection",[],{"id":237,"name":238,"techniques":239},"CAPEC-136","LDAP Injection",[],{"id":241,"name":242,"techniques":243},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":245,"name":246,"techniques":247},"CAPEC-153","Input Data Manipulation",[],{"id":249,"name":250,"techniques":251},"CAPEC-182","Flash Injection",[],{"id":253,"name":254,"techniques":255},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":257,"name":258,"techniques":259},"CAPEC-22","Exploiting Trust in Client",[],{"id":261,"name":262,"techniques":263},"CAPEC-23","File Content Injection",[],{"id":265,"name":266,"techniques":267},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":269,"name":270,"techniques":271},"CAPEC-231","Oversized Serialized Data Payloads",[],{"id":273,"name":274,"techniques":275},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":277,"name":278,"techniques":279},"CAPEC-250","XML Injection",[],{"id":281,"name":282,"techniques":283},"CAPEC-261","Fuzzing for garnering other adjacent user/sensitive data",[],{"id":285,"name":286,"techniques":287},"CAPEC-267","Leverage Alternate Encoding",[288],{"id":289,"name":290,"tactics":291,"countermeasures":294},"T1027","Obfuscated Files or Information",[292,293],{"id":57,"name":58},{"id":60,"name":61},[295,297,299,301,303,305,307,309,311,313,315,317,319,321,323],{"id":69,"name":70,"tactic":296},{"name":72},{"id":74,"name":75,"tactic":298},{"name":72},{"id":78,"name":79,"tactic":300},{"name":72},{"id":82,"name":83,"tactic":302},{"name":72},{"id":86,"name":87,"tactic":304},{"name":89},{"id":95,"name":96,"tactic":306},{"name":98},{"id":109,"name":110,"tactic":308},{"name":103},{"id":118,"name":119,"tactic":310},{"name":116},{"id":127,"name":128,"tactic":312},{"name":125},{"id":131,"name":132,"tactic":314},{"name":125},{"id":135,"name":136,"tactic":316},{"name":125},{"id":122,"name":123,"tactic":318},{"name":125},{"id":139,"name":140,"tactic":320},{"name":125},{"id":143,"name":144,"tactic":322},{"name":125},{"id":147,"name":148,"tactic":324},{"name":125},{"id":326,"name":327,"techniques":328},"CAPEC-28","Fuzzing",[],{"id":330,"name":331,"techniques":332},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":334,"name":335,"techniques":336},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[337],{"id":338,"name":339,"tactics":340,"countermeasures":344},"T1539","Steal Web Session Cookie",[341],{"id":342,"name":343},"TA0031","Credential Access",[345,349,353,357,361,365,369,373,377],{"id":346,"name":347,"tactic":348},"D3-CCSA","Credential Compromise Scope Analysis",{"name":72},{"id":350,"name":351,"tactic":352},"D3-CR","Credential Revocation",{"name":89},{"id":354,"name":355,"tactic":356},"D3-ANCI","Authentication Cache Invalidation",{"name":89},{"id":358,"name":359,"tactic":360},"D3-DUC","Decoy User Credential",{"name":98},{"id":362,"name":363,"tactic":364},"D3-CH","Credential Hardening",{"name":103},{"id":366,"name":367,"tactic":368},"D3-MFA","Multi-factor Authentication",{"name":103},{"id":370,"name":371,"tactic":372},"D3-CRO","Credential Rotation",{"name":103},{"id":374,"name":375,"tactic":376},"D3-RIC","Reissue Credential",{"name":116},{"id":378,"name":379,"tactic":380},"D3-CTS","Credential Transmission Scoping",{"name":125},{"id":382,"name":383,"techniques":384},"CAPEC-42","MIME Conversion",[],{"id":386,"name":387,"techniques":388},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":390,"name":391,"techniques":392},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":394,"name":395,"techniques":396},"CAPEC-46","Overflow Variables and Tags",[],{"id":398,"name":399,"techniques":400},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":402,"name":403,"techniques":404},"CAPEC-473","Signature Spoof",[405,442],{"id":406,"name":407,"tactics":408,"countermeasures":411},"T1036.001","Invalid Code Signature",[409,410],{"id":57,"name":58},{"id":60,"name":61},[412,414,416,418,420,422,424,426,428,430,432,434,436,438,440],{"id":69,"name":70,"tactic":413},{"name":72},{"id":74,"name":75,"tactic":415},{"name":72},{"id":78,"name":79,"tactic":417},{"name":72},{"id":82,"name":83,"tactic":419},{"name":72},{"id":86,"name":87,"tactic":421},{"name":89},{"id":95,"name":96,"tactic":423},{"name":98},{"id":109,"name":110,"tactic":425},{"name":103},{"id":118,"name":119,"tactic":427},{"name":116},{"id":127,"name":128,"tactic":429},{"name":125},{"id":131,"name":132,"tactic":431},{"name":125},{"id":135,"name":136,"tactic":433},{"name":125},{"id":122,"name":123,"tactic":435},{"name":125},{"id":139,"name":140,"tactic":437},{"name":125},{"id":143,"name":144,"tactic":439},{"name":125},{"id":147,"name":148,"tactic":441},{"name":125},{"id":443,"name":444,"tactics":445,"countermeasures":450},"T1553.002","Code Signing",[446,447],{"id":57,"name":58},{"id":448,"name":449},"TA0112","Defense Impairment",[],{"id":452,"name":453,"techniques":454},"CAPEC-52","Embedding NULL Bytes",[],{"id":456,"name":457,"techniques":458},"CAPEC-53","Postfix, Null Terminate, and Backslash",[],{"id":460,"name":461,"techniques":462},"CAPEC-588","DOM-Based XSS",[],{"id":464,"name":465,"techniques":466},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":468,"name":469,"techniques":470},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":472,"name":473,"techniques":474},"CAPEC-664","Server Side Request Forgery",[],{"id":476,"name":477,"techniques":478},"CAPEC-67","String Format Overflow in syslog()",[],{"id":480,"name":481,"techniques":482},"CAPEC-7","Blind SQL Injection",[],{"id":484,"name":485,"techniques":486},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":488,"name":489,"techniques":490},"CAPEC-72","URL Encoding",[],{"id":492,"name":493,"techniques":494},"CAPEC-73","User-Controlled Filename",[],{"id":496,"name":497,"techniques":498},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":500,"name":501,"techniques":502},"CAPEC-79","Using Slashes in Alternate Encoding",[],{"id":504,"name":505,"techniques":506},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":508,"name":509,"techniques":510},"CAPEC-80","Using UTF-8 Encoding to Bypass Validation Logic",[],{"id":512,"name":513,"techniques":514},"CAPEC-81","Web Server Logs Tampering",[],{"id":516,"name":517,"techniques":518},"CAPEC-83","XPath Injection",[],{"id":520,"name":521,"techniques":522},"CAPEC-85","AJAX Footprinting",[],{"id":524,"name":525,"techniques":526},"CAPEC-88","OS Command Injection",[],{"id":528,"name":529,"techniques":530},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[533],"GHSA-j448-j653-r3vj",[],[536,538,540,542,544,546,548,550,552,554,556,558],{"_key":537},"RHSA-2014:0343",{"_key":539},"RHSA-2014:0344",{"_key":541},"RHSA-2014:0686",{"_key":543},"UBUNTU-CVE-2013-4286",{"_key":545},"DLA-91-1",{"_key":547},"DSA-2897-1",{"_key":549},"DSA-3530-1",{"_key":551},"MGASA-2014-0148",{"_key":553},"MGASA-2014-0149",{"_key":555},"RHSA-2014:0429",{"_key":557},"RHSA-2014:0525",{"_key":559},"RHSA-2014:0526",[561],{"_key":562},"CVE-2014-4286",[564,565],{"_key":551},{"_key":553},"2014-02-26T11:00:00.000Z","2024-08-06T16:38:01.900Z","Modified",{"cisa_kev":570,"cisa_ransomware":570,"cisa_vendor":9,"epss_severity":571,"epss_score":572,"severity":573,"severity_score":574,"severity_version":575,"severity_source":576,"severity_vector":577,"severity_status":568},false,"high",0.23601,"medium",5.8,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:P/A:N",[579,588,594,599,603,608,612,617,621,625,631,635,639,643,648,652,656,660,664,668,672,676,680,684,688,692,697,701,705,709,714,718,722,726,730,734,738,742,748,752,757,761,765,769,773,777,782,786,790,794,798,802,806,810,814,818,822,826,830,834,838,842,846,850,854,858,862,866,870,874,878,882],{"url":580,"sources":581,"tags":584},"http://rhn.redhat.com/errata/RHSA-2014-0345.html",[582,576,583],"cve.org","osv_maven",[585,586,587],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":589,"sources":590,"tags":591},"http://secunia.com/advisories/59733",[582,576],[592,593],"Third Party Advisory","X Refsource SECUNIA",{"url":595,"sources":596,"tags":597},"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",[582,576,583],[598,587],"X Refsource CONFIRM",{"url":600,"sources":601,"tags":602},"https://rhn.redhat.com/errata/RHSA-2014-0686.html",[582,576,583],[585,586,587],{"url":604,"sources":605,"tags":606},"http://www.mandriva.com/security/advisories?name=MDVSA-2015:052",[582,576,583],[585,607,587],"X Refsource MANDRIVA",{"url":609,"sources":610,"tags":611},"http://secunia.com/advisories/59724",[582,576],[592,593],{"url":613,"sources":614,"tags":615},"http://www.debian.org/security/2016/dsa-3530",[582,576,583],[585,616,587],"X Refsource DEBIAN",{"url":618,"sources":619,"tags":620},"http://tomcat.apache.org/security-7.html",[582,576,583],[598,585,587],{"url":622,"sources":623,"tags":624},"http://secunia.com/advisories/57675",[582,576],[592,593],{"url":626,"sources":627,"tags":628},"http://www.securityfocus.com/archive/1/534161/100/0/threaded",[582,576],[629,630],"Mailing List","X Refsource BUGTRAQ",{"url":632,"sources":633,"tags":634},"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",[582,576,583],[598,587],{"url":636,"sources":637,"tags":638},"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",[582,576,583],[598,587],{"url":640,"sources":641,"tags":642},"http://rhn.redhat.com/errata/RHSA-2014-0344.html",[582,576,583],[585,586,587],{"url":644,"sources":645,"tags":646},"http://marc.info/?l=bugtraq&m=141390017113542&w=2",[582,576,583],[585,647,587],"X Refsource HP",{"url":649,"sources":650,"tags":651},"http://www-01.ibm.com/support/docview.wss?uid=swg21678113",[582,576],[598],{"url":653,"sources":654,"tags":655},"http://tomcat.apache.org/security-8.html",[582,576,583],[598,585,587],{"url":657,"sources":658,"tags":659},"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",[582,576,583],[598,587],{"url":661,"sources":662,"tags":663},"http://www-01.ibm.com/support/docview.wss?uid=swg21677147",[582,576],[598],{"url":665,"sources":666,"tags":667},"http://www-01.ibm.com/support/docview.wss?uid=swg21678231",[582,576],[598],{"url":669,"sources":670,"tags":671},"http://advisories.mageia.org/MGASA-2014-0148.html",[582,576,583],[598,587],{"url":673,"sources":674,"tags":675},"http://secunia.com/advisories/59722",[582,576],[592,593],{"url":677,"sources":678,"tags":679},"http://tomcat.apache.org/security-6.html",[582,576,583],[598,585,587],{"url":681,"sources":682,"tags":683},"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013",[582,576,583],[598,587],{"url":685,"sources":686,"tags":687},"http://secunia.com/advisories/59675",[582,576],[592,593],{"url":689,"sources":690,"tags":691},"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",[582,576,583],[598,587],{"url":693,"sources":694,"tags":695},"http://www.ubuntu.com/usn/USN-2130-1",[582,576,583],[585,696,587],"X Refsource UBUNTU",{"url":698,"sources":699,"tags":700},"http://secunia.com/advisories/59873",[582,576],[592,593],{"url":702,"sources":703,"tags":704},"http://rhn.redhat.com/errata/RHSA-2014-0343.html",[582,576,583],[585,586,587],{"url":706,"sources":707,"tags":708},"http://svn.apache.org/viewvc?view=revision&revision=1521854",[582,576,583],[598,587],{"url":710,"sources":711,"tags":712},"http://seclists.org/fulldisclosure/2014/Dec/23",[582,576],[629,713],"X Refsource FULLDISC",{"url":715,"sources":716,"tags":717},"http://www-01.ibm.com/support/docview.wss?uid=swg21667883",[582,576],[598],{"url":719,"sources":720,"tags":721},"https://bugzilla.redhat.com/show_bug.cgi?id=1069921",[582,576,583],[598,587],{"url":723,"sources":724,"tags":725},"http://marc.info/?l=bugtraq&m=144498216801440&w=2",[582,576,583],[585,647,587],{"url":727,"sources":728,"tags":729},"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",[582,576,583],[598,587],{"url":731,"sources":732,"tags":733},"http://svn.apache.org/viewvc?view=revision&revision=1552565",[582,576,583],[598,587],{"url":735,"sources":736,"tags":737},"http://www-01.ibm.com/support/docview.wss?uid=swg21675886",[582,576,583],[598,587],{"url":739,"sources":740,"tags":741},"http://svn.apache.org/viewvc?view=revision&revision=1521829",[582,576,583],[598,587],{"url":743,"sources":744,"tags":745},"http://www.securityfocus.com/bid/65773",[582,576],[746,747],"VDB Entry","X Refsource BID",{"url":749,"sources":750,"tags":751},"http://secunia.com/advisories/59036",[582,576],[592,593],{"url":753,"sources":754,"tags":755},"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],"X Refsource MLIST",{"url":758,"sources":759,"tags":760},"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],{"url":762,"sources":763,"tags":764},"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],{"url":766,"sources":767,"tags":768},"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],{"url":770,"sources":771,"tags":772},"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],{"url":774,"sources":775,"tags":776},"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",[582,576],[629,756],{"url":778,"sources":779,"tags":780},"https://nvd.nist.gov/vuln/detail/CVE-2013-4286",[583],[781],"Advisory",{"url":783,"sources":784,"tags":785},"https://github.com/apache/tomcat/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315",[583],[587],{"url":787,"sources":788,"tags":789},"https://github.com/apache/tomcat/commit/7c040003f1387795356605566be7870cf70e05dc",[583],[587],{"url":791,"sources":792,"tags":793},"https://github.com/apache/tomcat/commit/bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa",[583],[587],{"url":795,"sources":796,"tags":797},"https://github.com/apache/tomcat/commit/d0b3e252eb168fafbfb4c3efc16d4192fc8fad6c",[583],[587],{"url":799,"sources":800,"tags":801},"https://github.com/apache/tomcat80/commit/ff00954b78e6484e40f323c0cef2e6d95c2882b9",[583],[587],{"url":803,"sources":804,"tags":805},"https://web.archive.org/web/20141230041748/http://seclists.org/fulldisclosure/2014/Dec/23",[583],[587],{"url":807,"sources":808,"tags":809},"https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded",[583],[587],{"url":811,"sources":812,"tags":813},"https://web.archive.org/web/20160729061926/http://www.securityfocus.com/bid/65773",[583],[587],{"url":815,"sources":816,"tags":817},"https://web.archive.org/web/20161014054543/http://www-01.ibm.com/support/docview.wss?uid=swg21678231",[583],[587],{"url":819,"sources":820,"tags":821},"https://web.archive.org/web/20161014054838/http://www-01.ibm.com/support/docview.wss?uid=swg21677147",[583],[587],{"url":823,"sources":824,"tags":825},"https://web.archive.org/web/20161014054913/http://www-01.ibm.com/support/docview.wss?uid=swg21678113",[583],[587],{"url":827,"sources":828,"tags":829},"https://web.archive.org/web/20161014054948/http://www-01.ibm.com/support/docview.wss?uid=swg21667883",[583],[587],{"url":831,"sources":832,"tags":833},"https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873",[583],[587],{"url":835,"sources":836,"tags":837},"https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722",[583],[587],{"url":839,"sources":840,"tags":841},"https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675",[583],[587],{"url":843,"sources":844,"tags":845},"https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724",[583],[587],{"url":847,"sources":848,"tags":849},"https://web.archive.org/web/20161024220034/http://secunia.com/advisories/59733",[583],[587],{"url":851,"sources":852,"tags":853},"https://web.archive.org/web/20140804172142/http://secunia.com/advisories/59036",[583],[587],{"url":855,"sources":856,"tags":857},"https://web.archive.org/web/20140724174205/http://secunia.com/advisories/57675",[583],[587],{"url":859,"sources":860,"tags":861},"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":863,"sources":864,"tags":865},"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":867,"sources":868,"tags":869},"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":871,"sources":872,"tags":873},"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":875,"sources":876,"tags":877},"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":879,"sources":880,"tags":881},"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",[583],[587],{"url":883,"sources":884,"tags":885},"https://github.com/apache/tomcat",[583],[886],"PACKAGE",[],{"date":889,"score":572,"percentile":890},"2026-06-04",0.96086,[892,896,899,901,904,907,909,911,913,916,919,922,924,926,929,932,935,937,940,942,945,948,951,954,957,959,962,964,968,970,973,976,979,981,983,986,989,992,995,998,1001,1004,1007,1010,1013,1016,1019,1021,1023,1025,1027,1030,1033,1036,1040,1043,1045,1047,1050,1053,1056,1059,1062,1065,1067,1069,1072,1075,1078,1080,1082,1084,1087,1090,1093,1096,1099,1101,1103,1106,1109,1112,1115,1118,1121,1124,1127,1130,1133,1135],{"date":893,"score":894,"percentile":895},"2025-11-04",0.26065,0.96056,{"date":897,"score":894,"percentile":898},"2025-11-05",0.96054,{"date":900,"score":894,"percentile":895},"2025-11-06",{"date":902,"score":894,"percentile":903},"2025-11-07",0.96058,{"date":905,"score":894,"percentile":906},"2025-11-08",0.96057,{"date":908,"score":894,"percentile":906},"2025-11-09",{"date":910,"score":894,"percentile":906},"2025-11-10",{"date":912,"score":894,"percentile":903},"2025-11-11",{"date":914,"score":894,"percentile":915},"2025-11-12",0.96061,{"date":917,"score":894,"percentile":918},"2025-11-13",0.96062,{"date":920,"score":894,"percentile":921},"2025-11-14",0.96064,{"date":923,"score":894,"percentile":921},"2025-11-15",{"date":925,"score":894,"percentile":921},"2025-11-16",{"date":927,"score":894,"percentile":928},"2025-11-17",0.96063,{"date":930,"score":894,"percentile":931},"2025-11-18",0.95962,{"date":933,"score":894,"percentile":934},"2025-11-19",0.95963,{"date":936,"score":894,"percentile":934},"2025-11-20",{"date":938,"score":894,"percentile":939},"2025-11-21",0.96071,{"date":941,"score":894,"percentile":939},"2025-11-22",{"date":943,"score":894,"percentile":944},"2025-11-23",0.9607,{"date":946,"score":894,"percentile":947},"2025-11-24",0.96073,{"date":949,"score":894,"percentile":950},"2025-11-25",0.96075,{"date":952,"score":894,"percentile":953},"2025-11-26",0.96077,{"date":955,"score":894,"percentile":956},"2025-11-27",0.96079,{"date":958,"score":894,"percentile":950},"2025-11-28",{"date":960,"score":894,"percentile":961},"2025-11-29",0.96078,{"date":963,"score":894,"percentile":956},"2025-11-30",{"date":965,"score":966,"percentile":967},"2025-12-01",0.3665,0.96975,{"date":969,"score":966,"percentile":967},"2025-12-02",{"date":971,"score":966,"percentile":972},"2025-12-03",0.96977,{"date":974,"score":894,"percentile":975},"2025-12-04",0.96082,{"date":977,"score":894,"percentile":978},"2025-12-05",0.96084,{"date":980,"score":894,"percentile":978},"2025-12-06",{"date":982,"score":894,"percentile":978},"2025-12-07",{"date":984,"score":894,"percentile":985},"2025-12-08",0.96085,{"date":987,"score":894,"percentile":988},"2025-12-09",0.96087,{"date":990,"score":894,"percentile":991},"2025-12-10",0.96091,{"date":993,"score":894,"percentile":994},"2025-12-11",0.96093,{"date":996,"score":894,"percentile":997},"2025-12-12",0.96094,{"date":999,"score":894,"percentile":1000},"2025-12-13",0.96096,{"date":1002,"score":894,"percentile":1003},"2025-12-14",0.96092,{"date":1005,"score":894,"percentile":1006},"2025-12-15",0.96095,{"date":1008,"score":894,"percentile":1009},"2025-12-16",0.96099,{"date":1011,"score":894,"percentile":1012},"2025-12-17",0.96101,{"date":1014,"score":894,"percentile":1015},"2025-12-18",0.96103,{"date":1017,"score":894,"percentile":1018},"2025-12-19",0.96102,{"date":1020,"score":894,"percentile":1015},"2025-12-20",{"date":1022,"score":894,"percentile":1018},"2025-12-21",{"date":1024,"score":894,"percentile":1015},"2025-12-22",{"date":1026,"score":894,"percentile":1018},"2025-12-23",{"date":1028,"score":894,"percentile":1029},"2025-12-24",0.96106,{"date":1031,"score":894,"percentile":1032},"2025-12-25",0.96111,{"date":1034,"score":894,"percentile":1035},"2025-12-26",0.96109,{"date":1037,"score":1038,"percentile":1039},"2025-12-27",0.24915,0.95988,{"date":1041,"score":894,"percentile":1042},"2025-12-28",0.96108,{"date":1044,"score":894,"percentile":1042},"2025-12-29",{"date":1046,"score":894,"percentile":1035},"2025-12-30",{"date":1048,"score":894,"percentile":1049},"2025-12-31",0.96113,{"date":1051,"score":966,"percentile":1052},"2026-01-01",0.97017,{"date":1054,"score":966,"percentile":1055},"2026-01-02",0.97018,{"date":1057,"score":966,"percentile":1058},"2026-01-03",0.97019,{"date":1060,"score":894,"percentile":1061},"2026-01-04",0.96105,{"date":1063,"score":894,"percentile":1064},"2026-01-05",0.96104,{"date":1066,"score":894,"percentile":1061},"2026-01-06",{"date":1068,"score":894,"percentile":1029},"2026-01-07",{"date":1070,"score":894,"percentile":1071},"2026-01-08",0.96107,{"date":1073,"score":894,"percentile":1074},"2026-01-09",0.9611,{"date":1076,"score":894,"percentile":1077},"2026-01-10",0.96112,{"date":1079,"score":894,"percentile":1074},"2026-01-11",{"date":1081,"score":894,"percentile":1032},"2026-01-12",{"date":1083,"score":894,"percentile":1074},"2026-01-13",{"date":1085,"score":894,"percentile":1086},"2026-01-14",0.96116,{"date":1088,"score":894,"percentile":1089},"2026-01-15",0.96117,{"date":1091,"score":894,"percentile":1092},"2026-01-16",0.96119,{"date":1094,"score":894,"percentile":1095},"2026-01-17",0.96122,{"date":1097,"score":894,"percentile":1098},"2026-01-18",0.96124,{"date":1100,"score":894,"percentile":1098},"2026-01-19",{"date":1102,"score":894,"percentile":1098},"2026-01-20",{"date":1104,"score":894,"percentile":1105},"2026-01-21",0.96125,{"date":1107,"score":894,"percentile":1108},"2026-01-22",0.96126,{"date":1110,"score":894,"percentile":1111},"2026-01-23",0.96131,{"date":1113,"score":894,"percentile":1114},"2026-01-24",0.96134,{"date":1116,"score":894,"percentile":1117},"2026-01-25",0.96136,{"date":1119,"score":894,"percentile":1120},"2026-01-26",0.96137,{"date":1122,"score":894,"percentile":1123},"2026-01-27",0.96138,{"date":1125,"score":894,"percentile":1126},"2026-01-28",0.96139,{"date":1128,"score":894,"percentile":1129},"2026-01-29",0.9614,{"date":1131,"score":894,"percentile":1132},"2026-01-30",0.96141,{"date":1134,"score":894,"percentile":1132},"2026-01-31",{"date":1136,"score":966,"percentile":1137},"2026-02-01",0.97045,[1139],{"source":576,"cvss_v2_0":1140,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":574,"baseSeverity":9,"vectorString":577,"impactScore":1141,"exploitabilityScore":1142},4.9,8.6,[1144,1517],{"ecosystem":9,"name":1145,"vendor":9,"product":1145,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1146},"Tomcat",[1147,1150,1152,1154,1156,1158,1160,1162,1164,1166,1168,1170,1172,1174,1176,1178,1180,1182,1184,1186,1188,1190,1192,1194,1196,1198,1200,1202,1204,1206,1208,1210,1212,1214,1216,1218,1220,1222,1224,1226,1228,1230,1232,1234,1236,1238,1240,1242,1247,1249,1251,1253,1255,1257,1259,1261,1263,1265,1267,1269,1271,1273,1275,1277,1279,1281,1283,1285,1287,1289,1291,1293,1295,1297,1299,1301,1303,1305,1307,1309,1311,1313,1315,1317,1319,1321,1323,1325,1327,1329,1331,1333,1335,1337,1339,1341,1343,1345,1347,1349,1351,1353,1355,1357,1359,1361,1363,1365,1367,1369,1371,1373,1375,1377,1379,1381,1383,1385,1387,1389,1391,1393,1395,1397,1399,1401,1403,1405,1407,1409,1411,1413,1415,1417,1419,1421,1423,1425,1427,1429,1431,1433,1435,1437,1439,1441,1443,1445,1447,1449,1451,1453,1455,1457,1459,1461,1463,1465,1467,1469,1471,1473,1475,1477,1479,1481,1483,1485,1487,1489,1491,1493,1495,1497,1499,1501,1503,1505,1507,1509,1511,1513,1515],{"version":1148,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.0","cpe",{"version":1151,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.0:beta",{"version":1153,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.1",{"version":1155,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.2",{"version":1157,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.2:beta",{"version":1159,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.3",{"version":1161,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.4",{"version":1163,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.4:beta",{"version":1165,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.10",{"version":1167,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.11",{"version":1169,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.12",{"version":1171,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.13",{"version":1173,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.14",{"version":1175,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.15",{"version":1177,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.16",{"version":1179,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.17",{"version":1181,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.18",{"version":1183,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.19",{"version":1185,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.20",{"version":1187,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.21",{"version":1189,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.22",{"version":1191,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.23",{"version":1193,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.24",{"version":1195,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.25",{"version":1197,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.26",{"version":1199,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.27",{"version":1201,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.28",{"version":1203,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.29",{"version":1205,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.30",{"version":1207,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.31",{"version":1209,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.32",{"version":1211,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.33",{"version":1213,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.34",{"version":1215,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.35",{"version":1217,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.36",{"version":1219,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.37",{"version":1221,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.38",{"version":1223,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.39",{"version":1225,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.40",{"version":1227,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.41",{"version":1229,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.42",{"version":1231,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.43",{"version":1233,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.44",{"version":1235,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.45",{"version":1237,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.46",{"version":1239,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0.0:rc1",{"version":1241,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0.0:rc2",{"version":1243,"is_range":1244,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":1245,"version_end_type":1246,"fixed_in":9},"lte6.0.37",true,"6.0.37","including",{"version":1248,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.3",{"version":1250,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0",{"version":1252,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.1",{"version":1254,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.1.1",{"version":1256,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2",{"version":1258,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2.1",{"version":1260,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2.2",{"version":1262,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2.2:beta2",{"version":1264,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2.3",{"version":1266,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.2.4",{"version":1268,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.3",{"version":1270,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.3.1",{"version":1272,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.3.1a",{"version":1274,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.3.2",{"version":1276,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4",{"version":1278,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0",{"version":1280,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.1",{"version":1282,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.2",{"version":1284,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.3",{"version":1286,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.4",{"version":1288,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.5",{"version":1290,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.6",{"version":1292,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.0",{"version":1294,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.1",{"version":1296,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.2",{"version":1298,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.3",{"version":1300,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.3:beta",{"version":1302,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.9:beta",{"version":1304,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.10",{"version":1306,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.12",{"version":1308,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.15",{"version":1310,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.24",{"version":1312,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.28",{"version":1314,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.29",{"version":1316,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.31",{"version":1318,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1.36",{"version":1320,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5",{"version":1322,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0",{"version":1324,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.1",{"version":1326,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.2",{"version":1328,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.3",{"version":1330,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.4",{"version":1332,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.5",{"version":1334,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.6",{"version":1336,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.7",{"version":1338,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.8",{"version":1340,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.9",{"version":1342,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.10",{"version":1344,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.11",{"version":1346,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.12",{"version":1348,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.13",{"version":1350,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.14",{"version":1352,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.15",{"version":1354,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.16",{"version":1356,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.17",{"version":1358,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.18",{"version":1360,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.19",{"version":1362,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.21",{"version":1364,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.22",{"version":1366,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.23",{"version":1368,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.24",{"version":1370,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.25",{"version":1372,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.26",{"version":1374,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.27",{"version":1376,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.28",{"version":1378,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.29",{"version":1380,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.30",{"version":1382,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.0",{"version":1384,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.1",{"version":1386,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.2",{"version":1388,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.3",{"version":1390,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.4",{"version":1392,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.5",{"version":1394,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.6",{"version":1396,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.7",{"version":1398,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.8",{"version":1400,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.9",{"version":1402,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.10",{"version":1404,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.11",{"version":1406,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.12",{"version":1408,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.13",{"version":1410,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.14",{"version":1412,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.15",{"version":1414,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.16",{"version":1416,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.17",{"version":1418,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.18",{"version":1420,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.19",{"version":1422,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.20",{"version":1424,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.21",{"version":1426,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.22",{"version":1428,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.23",{"version":1430,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.24",{"version":1432,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.25",{"version":1434,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.26",{"version":1436,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.27",{"version":1438,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.28",{"version":1440,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.29",{"version":1442,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.30",{"version":1444,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.31",{"version":1446,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.32",{"version":1448,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.33",{"version":1450,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.34",{"version":1452,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.5.35",{"version":1454,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":1456,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":1458,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.0",{"version":1460,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.0:alpha",{"version":1462,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.1",{"version":1464,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.1:alpha",{"version":1466,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.2",{"version":1468,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.2:alpha",{"version":1470,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.2:beta",{"version":1472,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.3",{"version":1474,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.10",{"version":1476,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.11",{"version":1478,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.12",{"version":1480,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.13",{"version":1482,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.14",{"version":1484,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.15",{"version":1486,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.16",{"version":1488,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.17",{"version":1490,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.18",{"version":1492,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.19",{"version":1494,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.20",{"version":1496,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.24",{"version":1498,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.26",{"version":1500,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.27",{"version":1502,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.28",{"version":1504,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.29",{"version":1506,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.30",{"version":1508,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.31",{"version":1510,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.32",{"version":1512,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.33",{"version":1514,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.35",{"version":1516,"is_range":570,"range_type":1149,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.36",{"ecosystem":1518,"name":1519,"vendor":1520,"product":1521,"cpe_part":9,"purl_type":1522,"purl_namespace":1520,"purl_name":1521,"source":9,"versions":1523},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[1524,1529,1532],{"version":1525,"is_range":1244,"range_type":1526,"version_start":9,"version_start_type":9,"version_end":1527,"version_end_type":1528,"fixed_in":9},"lt6_0_39","ecosystem","6.0.39","excluding",{"version":1530,"is_range":1244,"range_type":1526,"version_start":1148,"version_start_type":1246,"version_end":1531,"version_end_type":1528,"fixed_in":9},"gte7_0_0_lt7_0_47","7.0.47",{"version":1533,"is_range":1244,"range_type":1526,"version_start":1534,"version_start_type":1246,"version_end":1535,"version_end_type":1528,"fixed_in":9},"gte8_0_0_RC1_lt8_0_0_RC3","8.0.0-RC1","8.0.0-RC3"]