[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-30640":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":74,"related":75,"reserved_at":9,"published_at":86,"modified_at":87,"state":88,"summary":89,"references_raw":98,"kevs":156,"epss":157,"epss_history":160,"metrics":426,"affected":438},"CVE-2021-30640","A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-116","Improper Encoding or Escaping of Output","The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.","weakness","Draft","Class","High",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-104","Cross Zone Scripting",[],{"id":25,"name":26,"techniques":27},"CAPEC-73","User-Controlled Filename",[],{"id":29,"name":30,"techniques":31},"CAPEC-81","Web Server Logs Tampering",[],{"id":33,"name":34,"techniques":35},"CAPEC-85","AJAX Footprinting",[],[],[38,39],"GHSA-36qh-35cm-5w2w","BIT-tomcat-2021-30640",[],[42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72],{"_key":43},"SUSE-SU-2021:3672-1",{"_key":45},"SUSE-SU-2021:3602-1",{"_key":47},"SUSE-SU-2021:3669-1",{"_key":49},"SUSE-SU-2021:3670-1",{"_key":51},"OPENSUSE-SU-2021:1490-1",{"_key":53},"OPENSUSE-SU-2021:3672-1",{"_key":55},"OPENSUSE-SU-2024:11618-1",{"_key":57},"OPENSUSE-SU-2024:13441-1",{"_key":59},"DLA-2733-1",{"_key":61},"DSA-4952-1",{"_key":63},"SUSE-SU-2026:1058-1",{"_key":65},"MGASA-2021-0485",{"_key":67},"USN-5360-1",{"_key":69},"DEBIAN-CVE-2021-30640",{"_key":71},"RHSA-2021:4861",{"_key":73},"UBUNTU-CVE-2021-30640",[],[76,77,78,79,80,81,82,83,84,85],{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":63},{"_key":65},"2021-07-12T14:55:13.000Z","2024-08-03T22:40:31.832Z","Modified",{"cisa_kev":90,"cisa_ransomware":90,"cisa_vendor":9,"epss_severity":91,"epss_score":92,"severity":93,"severity_score":94,"severity_version":95,"severity_source":96,"severity_vector":97,"severity_status":88},false,"low",0.00123,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",[99,109,114,119,124,128,133,138,142,147,152],{"url":100,"sources":101,"tags":104},"https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",[102,96,103],"cve.org","osv_maven",[105,106,107,108],"X Refsource MISC","Mailing List","Vendor Advisory","WEB",{"url":110,"sources":111,"tags":112},"https://www.oracle.com//security-alerts/cpujul2021.html",[102,96,103],[105,113,108],"Third Party Advisory",{"url":115,"sources":116,"tags":117},"https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",[102,96,103],[106,118,113,108],"X Refsource MLIST",{"url":120,"sources":121,"tags":122},"https://www.debian.org/security/2021/dsa-4952",[102,96,103],[107,123,113,108],"X Refsource DEBIAN",{"url":125,"sources":126,"tags":127},"https://www.debian.org/security/2021/dsa-4986",[102,96,103],[107,123,113,108],{"url":129,"sources":130,"tags":131},"https://www.oracle.com/security-alerts/cpuoct2021.html",[102,96,103],[105,132,113,108],"Patch",{"url":134,"sources":135,"tags":136},"https://security.netapp.com/advisory/ntap-20210827-0007/",[102,96],[137,113],"X Refsource CONFIRM",{"url":139,"sources":140,"tags":141},"https://www.oracle.com/security-alerts/cpujan2022.html",[102,96,103],[105,132,113,108],{"url":143,"sources":144,"tags":145},"https://security.gentoo.org/glsa/202208-34",[102,96,103],[107,146,113,108],"X Refsource GENTOO",{"url":148,"sources":149,"tags":150},"https://nvd.nist.gov/vuln/detail/CVE-2021-30640",[103],[151],"Advisory",{"url":153,"sources":154,"tags":155},"https://security.netapp.com/advisory/ntap-20210827-0007",[103],[108],[],{"date":158,"score":92,"percentile":159},"2026-06-04",0.30925,[161,165,168,171,174,177,180,183,186,189,191,194,197,200,203,207,210,213,215,218,221,224,227,230,233,236,239,242,246,249,252,255,258,261,264,267,270,273,276,279,281,284,287,290,293,296,299,302,304,306,309,312,315,318,321,324,326,329,332,335,338,341,343,345,347,349,352,355,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422],{"date":162,"score":163,"percentile":164},"2025-11-04",0.00184,0.40394,{"date":166,"score":163,"percentile":167},"2025-11-05",0.40389,{"date":169,"score":163,"percentile":170},"2025-11-06",0.40395,{"date":172,"score":163,"percentile":173},"2025-11-07",0.40425,{"date":175,"score":163,"percentile":176},"2025-11-08",0.40418,{"date":178,"score":163,"percentile":179},"2025-11-09",0.40397,{"date":181,"score":163,"percentile":182},"2025-11-10",0.40361,{"date":184,"score":163,"percentile":185},"2025-11-11",0.40376,{"date":187,"score":163,"percentile":188},"2025-11-12",0.40406,{"date":190,"score":163,"percentile":176},"2025-11-13",{"date":192,"score":163,"percentile":193},"2025-11-14",0.40419,{"date":195,"score":163,"percentile":196},"2025-11-15",0.40415,{"date":198,"score":163,"percentile":199},"2025-11-16",0.40398,{"date":201,"score":163,"percentile":202},"2025-11-17",0.4037,{"date":204,"score":205,"percentile":206},"2025-11-18",0.03355,0.86109,{"date":208,"score":205,"percentile":209},"2025-11-19",0.8611,{"date":211,"score":205,"percentile":212},"2025-11-20",0.86111,{"date":214,"score":163,"percentile":202},"2025-11-21",{"date":216,"score":163,"percentile":217},"2025-11-22",0.40371,{"date":219,"score":163,"percentile":220},"2025-11-23",0.40343,{"date":222,"score":163,"percentile":223},"2025-11-24",0.40333,{"date":225,"score":163,"percentile":226},"2025-11-25",0.40344,{"date":228,"score":163,"percentile":229},"2025-11-26",0.40338,{"date":231,"score":163,"percentile":232},"2025-11-27",0.40346,{"date":234,"score":163,"percentile":235},"2025-11-28",0.4032,{"date":237,"score":163,"percentile":238},"2025-11-29",0.40295,{"date":240,"score":163,"percentile":241},"2025-11-30",0.40276,{"date":243,"score":244,"percentile":245},"2025-12-01",0.00228,0.45545,{"date":247,"score":244,"percentile":248},"2025-12-02",0.4556,{"date":250,"score":244,"percentile":251},"2025-12-03",0.45553,{"date":253,"score":163,"percentile":254},"2025-12-04",0.40273,{"date":256,"score":163,"percentile":257},"2025-12-05",0.40302,{"date":259,"score":163,"percentile":260},"2025-12-06",0.40299,{"date":262,"score":163,"percentile":263},"2025-12-07",0.40277,{"date":265,"score":163,"percentile":266},"2025-12-08",0.40289,{"date":268,"score":163,"percentile":269},"2025-12-09",0.40328,{"date":271,"score":163,"percentile":272},"2025-12-10",0.40384,{"date":274,"score":163,"percentile":275},"2025-12-11",0.40411,{"date":277,"score":163,"percentile":278},"2025-12-12",0.40446,{"date":280,"score":163,"percentile":173},"2025-12-13",{"date":282,"score":163,"percentile":283},"2025-12-14",0.40386,{"date":285,"score":163,"percentile":286},"2025-12-15",0.40367,{"date":288,"score":163,"percentile":289},"2025-12-16",0.404,{"date":291,"score":163,"percentile":292},"2025-12-17",0.40441,{"date":294,"score":163,"percentile":295},"2025-12-18",0.40488,{"date":297,"score":163,"percentile":298},"2025-12-19",0.40504,{"date":300,"score":163,"percentile":301},"2025-12-20",0.40485,{"date":303,"score":163,"percentile":278},"2025-12-21",{"date":305,"score":163,"percentile":176},"2025-12-22",{"date":307,"score":163,"percentile":308},"2025-12-23",0.40424,{"date":310,"score":163,"percentile":311},"2025-12-24",0.40442,{"date":313,"score":163,"percentile":314},"2025-12-25",0.40494,{"date":316,"score":163,"percentile":317},"2025-12-26",0.40473,{"date":319,"score":163,"percentile":320},"2025-12-27",0.40498,{"date":322,"score":163,"percentile":323},"2025-12-28",0.40393,{"date":325,"score":163,"percentile":286},"2025-12-29",{"date":327,"score":163,"percentile":328},"2025-12-30",0.40359,{"date":330,"score":163,"percentile":331},"2025-12-31",0.40408,{"date":333,"score":244,"percentile":334},"2026-01-01",0.45674,{"date":336,"score":244,"percentile":337},"2026-01-02",0.4565,{"date":339,"score":244,"percentile":340},"2026-01-03",0.45637,{"date":342,"score":163,"percentile":202},"2026-01-04",{"date":344,"score":163,"percentile":220},"2026-01-05",{"date":346,"score":163,"percentile":232},"2026-01-06",{"date":348,"score":163,"percentile":286},"2026-01-07",{"date":350,"score":163,"percentile":351},"2026-01-08",0.40396,{"date":353,"score":163,"percentile":354},"2026-01-09",0.40381,{"date":356,"score":357,"percentile":358},"2026-01-10",0.00148,0.35896,{"date":360,"score":357,"percentile":361},"2026-01-11",0.35876,{"date":363,"score":357,"percentile":364},"2026-01-12",0.35815,{"date":366,"score":357,"percentile":367},"2026-01-13",0.358,{"date":369,"score":357,"percentile":370},"2026-01-14",0.3585,{"date":372,"score":357,"percentile":373},"2026-01-15",0.35836,{"date":375,"score":357,"percentile":376},"2026-01-16",0.35855,{"date":378,"score":357,"percentile":379},"2026-01-17",0.35839,{"date":381,"score":357,"percentile":382},"2026-01-18",0.3578,{"date":384,"score":357,"percentile":385},"2026-01-19",0.35739,{"date":387,"score":357,"percentile":388},"2026-01-20",0.3572,{"date":390,"score":357,"percentile":391},"2026-01-21",0.35701,{"date":393,"score":357,"percentile":394},"2026-01-22",0.35687,{"date":396,"score":357,"percentile":397},"2026-01-23",0.35745,{"date":399,"score":357,"percentile":400},"2026-01-24",0.35755,{"date":402,"score":357,"percentile":403},"2026-01-25",0.357,{"date":405,"score":357,"percentile":406},"2026-01-26",0.35632,{"date":408,"score":357,"percentile":409},"2026-01-27",0.35626,{"date":411,"score":92,"percentile":412},"2026-01-28",0.31839,{"date":414,"score":92,"percentile":415},"2026-01-29",0.31797,{"date":417,"score":92,"percentile":418},"2026-01-30",0.31787,{"date":420,"score":92,"percentile":421},"2026-01-31",0.31799,{"date":423,"score":424,"percentile":425},"2026-02-01",0.00152,0.36243,[427,436],{"source":96,"cvss_v2_0":428,"cvss_v3_0":9,"cvss_v3_1":433,"cvss_v4_0":9},{"baseScore":429,"baseSeverity":9,"vectorString":430,"impactScore":431,"exploitabilityScore":432},5.8,"AV:N/AC:M/Au:N/C:P/I:P/A:N",4.9,8.6,{"baseScore":94,"baseSeverity":434,"vectorString":97,"impactScore":4,"exploitabilityScore":435},"MEDIUM",5.6,{"source":103,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":437,"cvss_v4_0":9},{"baseScore":94,"baseSeverity":9,"vectorString":97,"impactScore":4,"exploitabilityScore":435},[439,454,476,488,507,514,521,527,533],{"ecosystem":9,"name":440,"vendor":441,"product":442,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":444},"Apache Tomcat","apache software foundation","apache tomcat","a",[445,448,450,452],{"version":446,"is_range":90,"range_type":102,"version_start":446,"version_start_type":447,"version_end":446,"version_end_type":447,"fixed_in":9},"Apache Tomcat 10 10.0.0-M1 to 10.0.5","including",{"version":449,"is_range":90,"range_type":102,"version_start":449,"version_start_type":447,"version_end":449,"version_end_type":447,"fixed_in":9},"Apache Tomcat 9 9.0.0.M1 to 9.0.45",{"version":451,"is_range":90,"range_type":102,"version_start":451,"version_start_type":447,"version_end":451,"version_end_type":447,"fixed_in":9},"Apache Tomcat 8.5 8.5.0 to 8.5.65",{"version":453,"is_range":90,"range_type":102,"version_start":453,"version_start_type":447,"version_end":453,"version_end_type":447,"fixed_in":9},"Apache Tomcat 7 7.0.0 to 7.0.108",{"ecosystem":9,"name":455,"vendor":9,"product":455,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":456},"Tomcat",[457,464,468,472],{"version":458,"is_range":459,"range_type":460,"version_start":461,"version_start_type":447,"version_end":462,"version_end_type":463,"fixed_in":9},"gte7.0.0_lt7.0.109",true,"cpe","7.0.0","7.0.109","excluding",{"version":465,"is_range":459,"range_type":460,"version_start":466,"version_start_type":447,"version_end":467,"version_end_type":463,"fixed_in":9},"gte8.5.0_lt8.5.66","8.5.0","8.5.66",{"version":469,"is_range":459,"range_type":460,"version_start":470,"version_start_type":447,"version_end":471,"version_end_type":463,"fixed_in":9},"gte9.0.0_lt9.0.46","9.0.0","9.0.46",{"version":473,"is_range":459,"range_type":460,"version_start":474,"version_start_type":447,"version_end":475,"version_end_type":463,"fixed_in":9},"gte10.0.0_lt10.0.6","10.0.0","10.0.6",{"ecosystem":9,"name":477,"vendor":478,"product":479,"cpe_part":480,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"debian linux","debian","debian_linux","o",[482,484,486],{"version":483,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"version":485,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"version":487,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":489,"name":490,"vendor":491,"product":492,"cpe_part":9,"purl_type":493,"purl_namespace":491,"purl_name":492,"source":9,"versions":494},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[495,500,504],{"version":496,"is_range":459,"range_type":497,"version_start":498,"version_start_type":447,"version_end":499,"version_end_type":463,"fixed_in":9},"gte10_0_0_M1_lt10_0_5","ecosystem","10.0.0-M1","10.0.5",{"version":501,"is_range":459,"range_type":497,"version_start":502,"version_start_type":447,"version_end":503,"version_end_type":463,"fixed_in":9},"gte9_0_0M1_lt9_0_45","9.0.0M1","9.0.45",{"version":505,"is_range":459,"range_type":497,"version_start":466,"version_start_type":447,"version_end":506,"version_end_type":463,"fixed_in":9},"gte8_5_0_lt8_5_65","8.5.65",{"ecosystem":9,"name":508,"vendor":509,"product":510,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":511},"communications cloud native core policy","oracle","communications_cloud_native_core_policy",[512],{"version":513,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.14.0",{"ecosystem":9,"name":515,"vendor":509,"product":516,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":517},"communications diameter signaling router","communications_diameter_signaling_router",[518],{"version":519,"is_range":459,"range_type":460,"version_start":520,"version_start_type":447,"version_end":466,"version_end_type":447,"fixed_in":9},"gte8.0.0_lte8.5.0","8.0.0",{"ecosystem":9,"name":522,"vendor":509,"product":523,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"communications pricing design center","communications_pricing_design_center",[525],{"version":526,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0.0.3.0",{"ecosystem":9,"name":528,"vendor":509,"product":529,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"hospitality cruise shipboard property management system","hospitality_cruise_shipboard_property_management_system",[531],{"version":532,"is_range":90,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.1.0",{"ecosystem":9,"name":534,"vendor":509,"product":535,"cpe_part":443,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":536},"tekelec platform distribution","tekelec_platform_distribution",[537],{"version":538,"is_range":459,"range_type":460,"version_start":539,"version_start_type":447,"version_end":540,"version_end_type":447,"fixed_in":9},"gte7.4.0_lte7.7.1","7.4.0","7.7.1"]