[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-11784":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":39,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":83,"related":84,"reserved_at":9,"published_at":96,"modified_at":97,"state":98,"summary":99,"references_raw":107,"kevs":396,"epss":397,"epss_history":400,"metrics":618,"affected":630},"CVE-2018-11784","When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":35,"metasploit":9},"50118","Apache Tomcat 9.0.0.M1 - Open Redirect","exploit-database","https://www.exploit-db.com/exploits/50118","poc",0.5,false,[34],"multiple",{"verified":32,"type":36,"platform":34,"file":37,"codes":38},"webapps","exploits/multiple/webapps/50118.txt",[7],[40],"GHSA-5q99-f34m-67gc",[],[43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81],{"_key":44},"SUSE-SU-2018:3261-1",{"_key":46},"SUSE-SU-2018:3388-1",{"_key":48},"SUSE-SU-2018:3393-1",{"_key":50},"SUSE-SU-2018:3935-1",{"_key":52},"SUSE-SU-2018:3968-1",{"_key":54},"OPENSUSE-SU-2019:1547-1",{"_key":56},"OPENSUSE-SU-2019:1814-1",{"_key":58},"OPENSUSE-SU-2024:11468-1",{"_key":60},"OPENSUSE-SU-2024:11501-1",{"_key":62},"OPENSUSE-SU-2024:13441-1",{"_key":64},"DLA-1544-1",{"_key":66},"DLA-1545-1",{"_key":68},"DSA-4596-1",{"_key":70},"MGASA-2018-0479",{"_key":72},"USN-3787-1",{"_key":74},"RHSA-2018:2868",{"_key":76},"RHSA-2019:0131",{"_key":78},"RHSA-2019:0485",{"_key":80},"RHSA-2019:1529",{"_key":82},"UBUNTU-CVE-2018-11784",[],[85,86,87,88,89,90,91,92,93,94,95],{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":70},"2018-10-04T13:00:00.000Z","2024-09-16T17:04:04.205Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":100,"epss_score":101,"severity":102,"severity_score":103,"severity_version":104,"severity_source":105,"severity_vector":106,"severity_status":98},"critical",0.82624,"medium",4.3,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",[108,118,124,128,134,140,144,148,152,157,161,165,169,173,177,181,186,190,194,198,202,206,210,215,220,224,228,232,236,240,245,250,254,258,262,266,270,274,278,282,287,291,295,299,303,307,311,315,319,323,327,331,335,339,343,347,352,356,360,364,368,372,376,380,384,388,392],{"url":109,"sources":110,"tags":113},"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",[111,105,112],"cve.org","osv_maven",[114,115,116,117],"X Refsource CONFIRM","Patch","Third Party Advisory","WEB",{"url":119,"sources":120,"tags":121},"https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75%40%3Cannounce.tomcat.apache.org%3E",[111,105,112],[122,123,117],"Mailing List","X Refsource MLIST",{"url":125,"sources":126,"tags":127},"https://security.netapp.com/advisory/ntap-20181014-0002/",[111,105],[114,116],{"url":129,"sources":130,"tags":131},"http://www.securityfocus.com/bid/105524",[111,105],[132,133,116],"VDB Entry","X Refsource BID",{"url":135,"sources":136,"tags":137},"https://access.redhat.com/errata/RHSA-2019:0131",[111,105,112],[138,139,116,117],"Vendor Advisory","X Refsource REDHAT",{"url":141,"sources":142,"tags":143},"https://access.redhat.com/errata/RHSA-2019:0485",[111,105,112],[138,139,116,117],{"url":145,"sources":146,"tags":147},"https://access.redhat.com/errata/RHSA-2019:0130",[111,105,112],[138,139,116,117],{"url":149,"sources":150,"tags":151},"https://lists.debian.org/debian-lts-announce/2018/10/msg00005.html",[111,105,112],[122,123,116,117],{"url":153,"sources":154,"tags":155},"https://usn.ubuntu.com/3787-1/",[111,105],[138,156,116],"X Refsource UBUNTU",{"url":158,"sources":159,"tags":160},"https://lists.debian.org/debian-lts-announce/2018/10/msg00006.html",[111,105,112],[122,123,116,117],{"url":162,"sources":163,"tags":164},"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":166,"sources":167,"tags":168},"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":170,"sources":171,"tags":172},"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":174,"sources":175,"tags":176},"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":178,"sources":179,"tags":180},"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":182,"sources":183,"tags":184},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP/",[111,105],[138,185],"X Refsource FEDORA",{"url":187,"sources":188,"tags":189},"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":191,"sources":192,"tags":193},"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":195,"sources":196,"tags":197},"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":199,"sources":200,"tags":201},"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":203,"sources":204,"tags":205},"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":207,"sources":208,"tags":209},"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":211,"sources":212,"tags":213},"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",[111,105,112],[214,115,116,117],"X Refsource MISC",{"url":216,"sources":217,"tags":218},"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html",[111,105,112],[138,219,117],"X Refsource SUSE",{"url":221,"sources":222,"tags":223},"https://access.redhat.com/errata/RHSA-2019:1529",[111,105,112],[138,139,117],{"url":225,"sources":226,"tags":227},"https://kc.mcafee.com/corporate/index?page=content&id=SB10284",[111,105,112],[114,117],{"url":229,"sources":230,"tags":231},"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",[111,105,112],[214,117],{"url":233,"sources":234,"tags":235},"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html",[111,105,112],[138,219,117],{"url":237,"sources":238,"tags":239},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[111,105,112],[214,117],{"url":241,"sources":242,"tags":243},"https://www.debian.org/security/2019/dsa-4596",[111,105,112],[138,244,117],"X Refsource DEBIAN",{"url":246,"sources":247,"tags":248},"https://seclists.org/bugtraq/2019/Dec/43",[111,105,112],[122,249,117],"X Refsource BUGTRAQ",{"url":251,"sources":252,"tags":253},"https://www.oracle.com/security-alerts/cpujan2020.html",[111,105,112],[214,117],{"url":255,"sources":256,"tags":257},"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":259,"sources":260,"tags":261},"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":263,"sources":264,"tags":265},"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":267,"sources":268,"tags":269},"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":271,"sources":272,"tags":273},"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E",[111,105,112],[122,123,117],{"url":275,"sources":276,"tags":277},"https://www.oracle.com/security-alerts/cpuapr2020.html",[111,105,112],[214,117],{"url":279,"sources":280,"tags":281},"http://packetstormsecurity.com/files/163456/Apache-Tomcat-9.0.0M1-Open-Redirect.html",[111,105,112],[214,117],{"url":283,"sources":284,"tags":285},"https://nvd.nist.gov/vuln/detail/CVE-2018-11784",[112],[286],"Advisory",{"url":288,"sources":289,"tags":290},"https://github.com/apache/tomcat/commit/b76e1dfb3dec3789cc700f8d022c872eb947a221",[112],[117],{"url":292,"sources":293,"tags":294},"https://github.com/apache/tomcat/commit/efb860b3ff8ebcf606199b8d0d432f76898040da",[112],[117],{"url":296,"sources":297,"tags":298},"https://github.com/apache/tomcat/commit/f9f147359b7c95511b64cd99bbc47917c01b3879",[112],[117],{"url":300,"sources":301,"tags":302},"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":304,"sources":305,"tags":306},"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":308,"sources":309,"tags":310},"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":312,"sources":313,"tags":314},"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":316,"sources":317,"tags":318},"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":320,"sources":321,"tags":322},"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":324,"sources":325,"tags":326},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP",[112],[117],{"url":328,"sources":329,"tags":330},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP",[112],[117],{"url":332,"sources":333,"tags":334},"https://security.netapp.com/advisory/ntap-20181014-0002",[112],[117],{"url":336,"sources":337,"tags":338},"https://usn.ubuntu.com/3787-1",[112],[117],{"url":340,"sources":341,"tags":342},"https://web.archive.org/web/20200227030058/http://www.securityfocus.com/bid/105524",[112],[117],{"url":344,"sources":345,"tags":346},"https://github.com/advisories/GHSA-5q99-f34m-67gc",[112],[286],{"url":348,"sources":349,"tags":350},"https://github.com/apache/tomcat",[112],[351],"PACKAGE",{"url":353,"sources":354,"tags":355},"https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":357,"sources":358,"tags":359},"https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E",[112],[117],{"url":361,"sources":362,"tags":363},"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":365,"sources":366,"tags":367},"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":369,"sources":370,"tags":371},"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":373,"sources":374,"tags":375},"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":377,"sources":378,"tags":379},"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":381,"sources":382,"tags":383},"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":385,"sources":386,"tags":387},"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":389,"sources":390,"tags":391},"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",[112],[117],{"url":393,"sources":394,"tags":395},"https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E",[112],[117],[],{"date":398,"score":101,"percentile":399},"2026-06-04",0.99254,[401,404,406,408,411,413,415,417,420,422,424,426,428,430,432,436,438,441,443,445,447,449,452,455,457,459,461,463,467,470,472,475,478,480,483,485,488,491,494,496,498,500,502,504,508,512,515,517,519,522,524,528,531,533,537,540,543,545,547,550,552,554,557,559,561,564,566,568,570,572,574,576,578,580,582,585,587,589,591,594,596,598,600,602,604,606,608,610,612,615],{"date":402,"score":101,"percentile":403},"2025-11-04",0.99184,{"date":405,"score":101,"percentile":403},"2025-11-05",{"date":407,"score":101,"percentile":403},"2025-11-06",{"date":409,"score":101,"percentile":410},"2025-11-07",0.99183,{"date":412,"score":101,"percentile":403},"2025-11-08",{"date":414,"score":101,"percentile":403},"2025-11-09",{"date":416,"score":101,"percentile":403},"2025-11-10",{"date":418,"score":101,"percentile":419},"2025-11-11",0.99182,{"date":421,"score":101,"percentile":410},"2025-11-12",{"date":423,"score":101,"percentile":403},"2025-11-13",{"date":425,"score":101,"percentile":410},"2025-11-14",{"date":427,"score":101,"percentile":410},"2025-11-15",{"date":429,"score":101,"percentile":410},"2025-11-16",{"date":431,"score":101,"percentile":419},"2025-11-17",{"date":433,"score":434,"percentile":435},"2025-11-18",0.7654,0.99019,{"date":437,"score":434,"percentile":435},"2025-11-19",{"date":439,"score":434,"percentile":440},"2025-11-20",0.9902,{"date":442,"score":101,"percentile":403},"2025-11-21",{"date":444,"score":101,"percentile":410},"2025-11-22",{"date":446,"score":101,"percentile":410},"2025-11-23",{"date":448,"score":101,"percentile":410},"2025-11-24",{"date":450,"score":101,"percentile":451},"2025-11-25",0.99185,{"date":453,"score":101,"percentile":454},"2025-11-26",0.99186,{"date":456,"score":101,"percentile":454},"2025-11-27",{"date":458,"score":101,"percentile":454},"2025-11-28",{"date":460,"score":101,"percentile":454},"2025-11-29",{"date":462,"score":101,"percentile":454},"2025-11-30",{"date":464,"score":465,"percentile":466},"2025-12-01",0.82015,0.9917,{"date":468,"score":465,"percentile":469},"2025-12-02",0.99171,{"date":471,"score":465,"percentile":469},"2025-12-03",{"date":473,"score":101,"percentile":474},"2025-12-04",0.99187,{"date":476,"score":101,"percentile":477},"2025-12-05",0.99188,{"date":479,"score":101,"percentile":477},"2025-12-06",{"date":481,"score":101,"percentile":482},"2025-12-07",0.99189,{"date":484,"score":101,"percentile":482},"2025-12-08",{"date":486,"score":101,"percentile":487},"2025-12-09",0.9919,{"date":489,"score":101,"percentile":490},"2025-12-10",0.99191,{"date":492,"score":101,"percentile":493},"2025-12-11",0.99192,{"date":495,"score":101,"percentile":490},"2025-12-12",{"date":497,"score":101,"percentile":493},"2025-12-13",{"date":499,"score":101,"percentile":493},"2025-12-14",{"date":501,"score":101,"percentile":493},"2025-12-15",{"date":503,"score":101,"percentile":493},"2025-12-16",{"date":505,"score":506,"percentile":507},"2025-12-17",0.84371,0.99276,{"date":509,"score":510,"percentile":511},"2025-12-18",0.88634,0.99479,{"date":513,"score":510,"percentile":514},"2025-12-19",0.9948,{"date":516,"score":510,"percentile":511},"2025-12-20",{"date":518,"score":510,"percentile":514},"2025-12-21",{"date":520,"score":510,"percentile":521},"2025-12-22",0.99481,{"date":523,"score":510,"percentile":521},"2025-12-23",{"date":525,"score":526,"percentile":527},"2025-12-24",0.85117,0.99315,{"date":529,"score":526,"percentile":530},"2025-12-25",0.99316,{"date":532,"score":526,"percentile":530},"2025-12-26",{"date":534,"score":535,"percentile":536},"2025-12-27",0.86926,0.99403,{"date":538,"score":526,"percentile":539},"2025-12-28",0.99317,{"date":541,"score":526,"percentile":542},"2025-12-29",0.99318,{"date":544,"score":526,"percentile":542},"2025-12-30",{"date":546,"score":526,"percentile":542},"2025-12-31",{"date":548,"score":549,"percentile":474},"2026-01-01",0.8217,{"date":551,"score":549,"percentile":474},"2026-01-02",{"date":553,"score":549,"percentile":477},"2026-01-03",{"date":555,"score":526,"percentile":556},"2026-01-04",0.9932,{"date":558,"score":526,"percentile":556},"2026-01-05",{"date":560,"score":526,"percentile":556},"2026-01-06",{"date":562,"score":526,"percentile":563},"2026-01-07",0.99319,{"date":565,"score":526,"percentile":563},"2026-01-08",{"date":567,"score":526,"percentile":556},"2026-01-09",{"date":569,"score":526,"percentile":563},"2026-01-10",{"date":571,"score":526,"percentile":542},"2026-01-11",{"date":573,"score":526,"percentile":542},"2026-01-12",{"date":575,"score":526,"percentile":563},"2026-01-13",{"date":577,"score":526,"percentile":563},"2026-01-14",{"date":579,"score":526,"percentile":563},"2026-01-15",{"date":581,"score":526,"percentile":556},"2026-01-16",{"date":583,"score":526,"percentile":584},"2026-01-17",0.99321,{"date":586,"score":526,"percentile":584},"2026-01-18",{"date":588,"score":526,"percentile":584},"2026-01-19",{"date":590,"score":526,"percentile":584},"2026-01-20",{"date":592,"score":526,"percentile":593},"2026-01-21",0.99322,{"date":595,"score":526,"percentile":584},"2026-01-22",{"date":597,"score":526,"percentile":593},"2026-01-23",{"date":599,"score":526,"percentile":584},"2026-01-24",{"date":601,"score":526,"percentile":584},"2026-01-25",{"date":603,"score":526,"percentile":584},"2026-01-26",{"date":605,"score":526,"percentile":584},"2026-01-27",{"date":607,"score":526,"percentile":593},"2026-01-28",{"date":609,"score":526,"percentile":593},"2026-01-29",{"date":611,"score":526,"percentile":593},"2026-01-30",{"date":613,"score":526,"percentile":614},"2026-01-31",0.99323,{"date":616,"score":549,"percentile":617},"2026-02-01",0.99195,[619,628],{"source":105,"cvss_v2_0":620,"cvss_v3_0":624,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":103,"baseSeverity":9,"vectorString":621,"impactScore":622,"exploitabilityScore":623},"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":103,"baseSeverity":625,"vectorString":106,"impactScore":626,"exploitabilityScore":627},"MEDIUM",2.3,7.2,{"source":112,"cvss_v2_0":9,"cvss_v3_0":629,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":103,"baseSeverity":9,"vectorString":106,"impactScore":626,"exploitabilityScore":627},[631,644,717,727,734,752,759,768,776,786,796,802,809,816,821,826,831],{"ecosystem":9,"name":632,"vendor":633,"product":634,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":636},"Apache Tomcat","apache software foundation","apache tomcat","a",[637,640,642],{"version":638,"is_range":32,"range_type":111,"version_start":638,"version_start_type":639,"version_end":638,"version_end_type":639,"fixed_in":9},"9.0.0.M1 to 9.0.11","including",{"version":641,"is_range":32,"range_type":111,"version_start":641,"version_start_type":639,"version_end":641,"version_end_type":639,"fixed_in":9},"8.5.0 to 8.5.33",{"version":643,"is_range":32,"range_type":111,"version_start":643,"version_start_type":639,"version_end":643,"version_end_type":639,"fixed_in":9},"7.0.23 to 7.0.90",{"ecosystem":9,"name":645,"vendor":9,"product":645,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":646},"Tomcat",[647,653,657,661,663,665,667,669,671,673,675,677,679,681,683,685,687,689,691,693,695,697,699,701,703,705,707,709,711,713,715],{"version":648,"is_range":649,"range_type":650,"version_start":651,"version_start_type":639,"version_end":652,"version_end_type":639,"fixed_in":9},"gte7.0.23_lte7.0.90",true,"cpe","7.0.23","7.0.90",{"version":654,"is_range":649,"range_type":650,"version_start":655,"version_start_type":639,"version_end":656,"version_end_type":639,"fixed_in":9},"gte8.5.0_lte8.5.33","8.5.0","8.5.33",{"version":658,"is_range":649,"range_type":650,"version_start":659,"version_start_type":639,"version_end":660,"version_end_type":639,"fixed_in":9},"gte9.0.1_lte9.0.11","9.0.1","9.0.11",{"version":662,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0",{"version":664,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone1",{"version":666,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone10",{"version":668,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone11",{"version":670,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone12",{"version":672,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone13",{"version":674,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone14",{"version":676,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone15",{"version":678,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone16",{"version":680,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone17",{"version":682,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone18",{"version":684,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone19",{"version":686,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone2",{"version":688,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone20",{"version":690,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone21",{"version":692,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone22",{"version":694,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone23",{"version":696,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone24",{"version":698,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone25",{"version":700,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone26",{"version":702,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone27",{"version":704,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone3",{"version":706,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone4",{"version":708,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone5",{"version":710,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone6",{"version":712,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone7",{"version":714,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone8",{"version":716,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone9",{"ecosystem":9,"name":718,"vendor":719,"product":720,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":722},"ubuntu linux","canonical","ubuntu_linux","o",[723,725],{"version":724,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":726,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":728,"vendor":729,"product":730,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":731},"debian linux","debian","debian_linux",[732],{"version":733,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":735,"name":736,"vendor":737,"product":738,"cpe_part":9,"purl_type":739,"purl_namespace":737,"purl_name":738,"source":9,"versions":740},"Maven","org.apache.tomcat.embed:tomcat-embed-core","org.apache.tomcat.embed","tomcat-embed-core","maven",[741,746,749],{"version":742,"is_range":649,"range_type":743,"version_start":655,"version_start_type":639,"version_end":744,"version_end_type":745,"fixed_in":9},"gte8_5_0_lt8_5_34","ecosystem","8.5.34","excluding",{"version":747,"is_range":649,"range_type":743,"version_start":651,"version_start_type":639,"version_end":748,"version_end_type":745,"fixed_in":9},"gte7_0_23_lt7_0_91","7.0.91",{"version":750,"is_range":649,"range_type":743,"version_start":662,"version_start_type":639,"version_end":751,"version_end_type":745,"fixed_in":9},"gte9_0_0_lt9_0_12","9.0.12",{"ecosystem":9,"name":753,"vendor":754,"product":755,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":756},"snap creator framework","netapp","snap_creator_framework",[757],{"version":758,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":760,"vendor":761,"product":762,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":763},"communications application session controller","oracle","communications_application_session_controller",[764,766],{"version":765,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.7.1",{"version":767,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.8.0",{"ecosystem":9,"name":769,"vendor":761,"product":770,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":771},"hospitality guest access","hospitality_guest_access",[772,774],{"version":773,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.0",{"version":775,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2.1",{"ecosystem":9,"name":777,"vendor":761,"product":778,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":779},"instantis enterprisetrack","instantis_enterprisetrack",[780,782,784],{"version":781,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.1",{"version":783,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.2",{"version":785,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.3",{"ecosystem":9,"name":787,"vendor":761,"product":788,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":789},"retail order broker","retail_order_broker",[790,792,794],{"version":791,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1",{"version":793,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2",{"version":795,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"ecosystem":9,"name":797,"vendor":761,"product":798,"cpe_part":635,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":799},"secure global desktop","secure_global_desktop",[800],{"version":801,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.4",{"ecosystem":9,"name":803,"vendor":804,"product":805,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":806},"enterprise linux desktop","redhat","enterprise_linux_desktop",[807],{"version":808,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":810,"vendor":804,"product":811,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":812},"enterprise linux server","enterprise_linux_server",[813,814],{"version":808,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":815,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":817,"vendor":804,"product":818,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":819},"enterprise linux server aus","enterprise_linux_server_aus",[820],{"version":815,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":822,"vendor":804,"product":823,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":824},"enterprise linux server eus","enterprise_linux_server_eus",[825],{"version":815,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":827,"vendor":804,"product":828,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":829},"enterprise linux server tus","enterprise_linux_server_tus",[830],{"version":815,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":832,"vendor":804,"product":833,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":834},"enterprise linux workstation","enterprise_linux_workstation",[835],{"version":808,"is_range":32,"range_type":650,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]