[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-9775":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":34,"related":35,"reserved_at":9,"published_at":36,"modified_at":37,"state":38,"summary":39,"references_raw":48,"kevs":100,"epss":101,"epss_history":104,"metrics":367,"affected":378},"CVE-2016-9775","The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to gain root privileges via a setgid program in the Catalina directory, as demonstrated by /etc/tomcat8/Catalina/attack.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],[],[],[],[22,24,26,28,30,32],{"_key":23},"DLA-728-1",{"_key":25},"DLA-729-1",{"_key":27},"DSA-3738-1",{"_key":29},"DSA-3739-1",{"_key":31},"USN-3177-1",{"_key":33},"UBUNTU-CVE-2016-9775",[],[],"2017-03-23T16:00:00.000Z","2024-08-06T02:59:03.584Z","Modified",{"cisa_kev":40,"cisa_ransomware":40,"cisa_vendor":9,"epss_severity":41,"epss_score":42,"severity":43,"severity_score":44,"severity_version":45,"severity_source":46,"severity_vector":47,"severity_status":38},false,"low",0.0011,"high",7.8,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[49,57,63,68,72,78,82,86,91,96],{"url":50,"sources":51,"tags":53},"http://www.ubuntu.com/usn/USN-3177-2",[52,46],"cve.org",[54,55,56],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory",{"url":58,"sources":59,"tags":60},"http://www.securityfocus.com/bid/94643",[52,46],[61,62,56],"VDB Entry","X Refsource BID",{"url":64,"sources":65,"tags":66},"http://www.debian.org/security/2016/dsa-3739",[52,46],[54,67,56],"X Refsource DEBIAN",{"url":69,"sources":70,"tags":71},"http://www.debian.org/security/2016/dsa-3738",[52,46],[54,67,56],{"url":73,"sources":74,"tags":75},"http://www.openwall.com/lists/oss-security/2016/12/02/5",[52,46],[76,77,56],"Mailing List","X Refsource MLIST",{"url":79,"sources":80,"tags":81},"http://www.openwall.com/lists/oss-security/2016/12/02/10",[52,46],[76,77,56],{"url":83,"sources":84,"tags":85},"http://www.ubuntu.com/usn/USN-3177-1",[52,46],[54,55,56],{"url":87,"sources":88,"tags":89},"https://www.oracle.com/security-alerts/cpuApr2021.html",[52,46],[90],"X Refsource MISC",{"url":92,"sources":93,"tags":94},"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845385",[52,46],[95,76,56],"X Refsource CONFIRM",{"url":97,"sources":98,"tags":99},"https://security.netapp.com/advisory/ntap-20180731-0002/",[52,46],[95],[],{"date":102,"score":42,"percentile":103},"2026-06-04",0.28896,[105,108,111,114,117,120,123,126,129,132,135,138,141,144,147,150,153,156,159,161,164,167,170,173,176,179,182,185,188,191,194,197,200,203,206,209,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,264,267,269,272,275,278,281,284,287,290,293,295,298,301,304,307,310,313,316,319,322,325,328,331,333,336,339,342,344,347,350,353,356,359,362,365],{"date":106,"score":42,"percentile":107},"2025-11-04",0.30007,{"date":109,"score":42,"percentile":110},"2025-11-05",0.29984,{"date":112,"score":42,"percentile":113},"2025-11-06",0.29995,{"date":115,"score":42,"percentile":116},"2025-11-07",0.3,{"date":118,"score":42,"percentile":119},"2025-11-08",0.30004,{"date":121,"score":42,"percentile":122},"2025-11-09",0.29983,{"date":124,"score":42,"percentile":125},"2025-11-10",0.29963,{"date":127,"score":42,"percentile":128},"2025-11-11",0.29982,{"date":130,"score":42,"percentile":131},"2025-11-12",0.30025,{"date":133,"score":42,"percentile":134},"2025-11-13",0.30042,{"date":136,"score":42,"percentile":137},"2025-11-14",0.3004,{"date":139,"score":42,"percentile":140},"2025-11-15",0.30035,{"date":142,"score":42,"percentile":143},"2025-11-16",0.30008,{"date":145,"score":42,"percentile":146},"2025-11-17",0.29981,{"date":148,"score":42,"percentile":149},"2025-11-18",0.25013,{"date":151,"score":42,"percentile":152},"2025-11-19",0.25039,{"date":154,"score":42,"percentile":155},"2025-11-20",0.25047,{"date":157,"score":42,"percentile":158},"2025-11-21",0.30018,{"date":160,"score":42,"percentile":131},"2025-11-22",{"date":162,"score":42,"percentile":163},"2025-11-23",0.29991,{"date":165,"score":42,"percentile":166},"2025-11-24",0.29968,{"date":168,"score":42,"percentile":169},"2025-11-25",0.29957,{"date":171,"score":42,"percentile":172},"2025-11-26",0.29955,{"date":174,"score":42,"percentile":175},"2025-11-27",0.29969,{"date":177,"score":42,"percentile":178},"2025-11-28",0.29946,{"date":180,"score":42,"percentile":181},"2025-11-29",0.29935,{"date":183,"score":42,"percentile":184},"2025-11-30",0.29911,{"date":186,"score":42,"percentile":187},"2025-12-01",0.2998,{"date":189,"score":42,"percentile":190},"2025-12-02",0.30009,{"date":192,"score":42,"percentile":193},"2025-12-03",0.30014,{"date":195,"score":42,"percentile":196},"2025-12-04",0.29923,{"date":198,"score":42,"percentile":199},"2025-12-05",0.29959,{"date":201,"score":42,"percentile":202},"2025-12-06",0.2996,{"date":204,"score":42,"percentile":205},"2025-12-07",0.29934,{"date":207,"score":42,"percentile":208},"2025-12-08",0.29941,{"date":210,"score":42,"percentile":116},"2025-12-09",{"date":212,"score":42,"percentile":213},"2025-12-10",0.30064,{"date":215,"score":42,"percentile":216},"2025-12-11",0.30093,{"date":218,"score":42,"percentile":219},"2025-12-12",0.30114,{"date":221,"score":42,"percentile":222},"2025-12-13",0.30118,{"date":224,"score":42,"percentile":225},"2025-12-14",0.30094,{"date":227,"score":42,"percentile":228},"2025-12-15",0.30063,{"date":230,"score":42,"percentile":231},"2025-12-16",0.3008,{"date":233,"score":42,"percentile":234},"2025-12-17",0.30128,{"date":236,"score":42,"percentile":237},"2025-12-18",0.30178,{"date":239,"score":42,"percentile":240},"2025-12-19",0.30191,{"date":242,"score":42,"percentile":243},"2025-12-20",0.30169,{"date":245,"score":42,"percentile":246},"2025-12-21",0.30121,{"date":248,"score":42,"percentile":249},"2025-12-22",0.30081,{"date":251,"score":42,"percentile":252},"2025-12-23",0.30055,{"date":254,"score":42,"percentile":255},"2025-12-24",0.30061,{"date":257,"score":42,"percentile":258},"2025-12-25",0.30133,{"date":260,"score":42,"percentile":261},"2025-12-26",0.3013,{"date":263,"score":42,"percentile":258},"2025-12-27",{"date":265,"score":42,"percentile":266},"2025-12-28",0.30053,{"date":268,"score":42,"percentile":131},"2025-12-29",{"date":270,"score":42,"percentile":271},"2025-12-30",0.30026,{"date":273,"score":42,"percentile":274},"2025-12-31",0.30078,{"date":276,"score":42,"percentile":277},"2026-01-01",0.30204,{"date":279,"score":42,"percentile":280},"2026-01-02",0.30197,{"date":282,"score":42,"percentile":283},"2026-01-03",0.30181,{"date":285,"score":42,"percentile":286},"2026-01-04",0.30057,{"date":288,"score":42,"percentile":289},"2026-01-05",0.30051,{"date":291,"score":42,"percentile":292},"2026-01-06",0.30062,{"date":294,"score":42,"percentile":216},"2026-01-07",{"date":296,"score":42,"percentile":297},"2026-01-08",0.3012,{"date":299,"score":42,"percentile":300},"2026-01-09",0.30115,{"date":302,"score":42,"percentile":303},"2026-01-10",0.3011,{"date":305,"score":42,"percentile":306},"2026-01-11",0.30086,{"date":308,"score":42,"percentile":309},"2026-01-12",0.30028,{"date":311,"score":42,"percentile":312},"2026-01-13",0.30005,{"date":314,"score":42,"percentile":315},"2026-01-14",0.3005,{"date":317,"score":42,"percentile":318},"2026-01-15",0.30047,{"date":320,"score":42,"percentile":321},"2026-01-16",0.30076,{"date":323,"score":42,"percentile":324},"2026-01-17",0.30066,{"date":326,"score":42,"percentile":327},"2026-01-18",0.3001,{"date":329,"score":42,"percentile":330},"2026-01-19",0.29976,{"date":332,"score":42,"percentile":125},"2026-01-20",{"date":334,"score":42,"percentile":335},"2026-01-21",0.2991,{"date":337,"score":42,"percentile":338},"2026-01-22",0.29883,{"date":340,"score":42,"percentile":341},"2026-01-23",0.2995,{"date":343,"score":42,"percentile":169},"2026-01-24",{"date":345,"score":42,"percentile":346},"2026-01-25",0.29885,{"date":348,"score":42,"percentile":349},"2026-01-26",0.29808,{"date":351,"score":42,"percentile":352},"2026-01-27",0.29792,{"date":354,"score":42,"percentile":355},"2026-01-28",0.29776,{"date":357,"score":42,"percentile":358},"2026-01-29",0.29734,{"date":360,"score":42,"percentile":361},"2026-01-30",0.29726,{"date":363,"score":42,"percentile":364},"2026-01-31",0.29725,{"date":366,"score":42,"percentile":352},"2026-02-01",[368],{"source":46,"cvss_v2_0":369,"cvss_v3_0":374,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":370,"baseSeverity":9,"vectorString":371,"impactScore":372,"exploitabilityScore":373},7.2,"AV:L/AC:L/Au:N/C:C/I:C/A:C",10,3.9,{"baseScore":44,"baseSeverity":375,"vectorString":47,"impactScore":376,"exploitabilityScore":377},"HIGH",9.8,4.6,[379,389,403],{"ecosystem":9,"name":380,"vendor":9,"product":380,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":381},"Tomcat",[382,385,387],{"version":383,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0","cpe",{"version":386,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":388,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":390,"vendor":391,"product":392,"cpe_part":393,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":394},"ubuntu linux","canonical","ubuntu_linux","o",[395,397,399,401],{"version":396,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04",{"version":398,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":400,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":402,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.10",{"ecosystem":9,"name":404,"vendor":405,"product":406,"cpe_part":393,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"debian linux","debian","debian_linux",[408,409],{"version":386,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":388,"is_range":40,"range_type":384,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]