[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-34305":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":48,"downstream":49,"duplicates":56,"related":57,"reserved_at":9,"published_at":59,"modified_at":60,"state":61,"summary":62,"references_raw":70,"kevs":107,"epss":108,"epss_history":111,"metrics":373,"affected":386},"CVE-2022-34305","In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[46,47],"GHSA-6j88-6whg-x687","BIT-tomcat-2022-34305",[],[50,52,54],{"_key":51},"MGASA-2023-0138",{"_key":53},"DEBIAN-CVE-2022-34305",{"_key":55},"UBUNTU-CVE-2022-34305",[],[58],{"_key":51},"2022-06-23T10:30:16.000Z","2024-08-03T09:07:16.126Z","Modified",{"cisa_kev":63,"cisa_ransomware":63,"cisa_vendor":9,"epss_severity":64,"epss_score":65,"severity":64,"severity_score":66,"severity_version":67,"severity_source":68,"severity_vector":69,"severity_status":61},false,"medium",0.17371,6.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[71,82,87,92,98,103],{"url":72,"sources":73,"tags":76},"https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k",[74,68,75],"cve.org","osv_maven",[77,78,79,80,81],"X Refsource MISC","Mailing List","Release Notes","Third Party Advisory","WEB",{"url":83,"sources":84,"tags":85},"http://www.openwall.com/lists/oss-security/2022/06/23/1",[74,68,75],[78,86,80,81],"X Refsource MLIST",{"url":88,"sources":89,"tags":90},"https://security.netapp.com/advisory/ntap-20220729-0006/",[74,68],[91,80],"X Refsource CONFIRM",{"url":93,"sources":94,"tags":95},"https://security.gentoo.org/glsa/202208-34",[74,68,75],[96,97,80,81],"Vendor Advisory","X Refsource GENTOO",{"url":99,"sources":100,"tags":101},"https://nvd.nist.gov/vuln/detail/CVE-2022-34305",[75],[102],"Advisory",{"url":104,"sources":105,"tags":106},"https://security.netapp.com/advisory/ntap-20220729-0006",[75],[81],[],{"date":109,"score":65,"percentile":110},"2026-06-04",0.95185,[112,116,119,121,124,127,130,133,137,140,143,146,149,151,153,157,160,163,166,169,172,174,177,180,183,186,189,193,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,246,250,252,256,258,260,262,265,268,271,274,277,279,281,284,288,290,292,294,296,299,301,303,306,308,311,313,315,318,320,322,325,329,333,336,339,342,345,348,351,354,357,360,363,366,369],{"date":113,"score":114,"percentile":115},"2025-11-04",0.01673,0.81513,{"date":117,"score":114,"percentile":118},"2025-11-05",0.81515,{"date":120,"score":114,"percentile":118},"2025-11-06",{"date":122,"score":114,"percentile":123},"2025-11-07",0.81524,{"date":125,"score":114,"percentile":126},"2025-11-08",0.81531,{"date":128,"score":114,"percentile":129},"2025-11-09",0.81528,{"date":131,"score":114,"percentile":132},"2025-11-10",0.81523,{"date":134,"score":135,"percentile":136},"2025-11-11",0.01607,0.81141,{"date":138,"score":135,"percentile":139},"2025-11-12",0.81153,{"date":141,"score":135,"percentile":142},"2025-11-13",0.8116,{"date":144,"score":135,"percentile":145},"2025-11-14",0.81165,{"date":147,"score":135,"percentile":148},"2025-11-15",0.81162,{"date":150,"score":135,"percentile":148},"2025-11-16",{"date":152,"score":135,"percentile":142},"2025-11-17",{"date":154,"score":155,"percentile":156},"2025-11-18",0.07592,0.9094,{"date":158,"score":155,"percentile":159},"2025-11-19",0.90943,{"date":161,"score":155,"percentile":162},"2025-11-20",0.90949,{"date":164,"score":135,"percentile":165},"2025-11-21",0.81175,{"date":167,"score":135,"percentile":168},"2025-11-22",0.81179,{"date":170,"score":135,"percentile":171},"2025-11-23",0.81171,{"date":173,"score":135,"percentile":171},"2025-11-24",{"date":175,"score":135,"percentile":176},"2025-11-25",0.81176,{"date":178,"score":135,"percentile":179},"2025-11-26",0.81177,{"date":181,"score":135,"percentile":182},"2025-11-27",0.81183,{"date":184,"score":135,"percentile":185},"2025-11-28",0.81173,{"date":187,"score":135,"percentile":188},"2025-11-29",0.81178,{"date":190,"score":191,"percentile":192},"2025-11-30",0.01177,0.78104,{"date":194,"score":195,"percentile":196},"2025-12-01",0.02013,0.8322,{"date":198,"score":195,"percentile":199},"2025-12-02",0.83223,{"date":201,"score":195,"percentile":202},"2025-12-03",0.83226,{"date":204,"score":191,"percentile":205},"2025-12-04",0.781,{"date":207,"score":191,"percentile":208},"2025-12-05",0.78105,{"date":210,"score":191,"percentile":211},"2025-12-06",0.78109,{"date":213,"score":191,"percentile":214},"2025-12-07",0.78102,{"date":216,"score":191,"percentile":217},"2025-12-08",0.78106,{"date":219,"score":191,"percentile":220},"2025-12-09",0.78125,{"date":222,"score":191,"percentile":223},"2025-12-10",0.78148,{"date":225,"score":191,"percentile":226},"2025-12-11",0.78163,{"date":228,"score":191,"percentile":229},"2025-12-12",0.78182,{"date":231,"score":191,"percentile":232},"2025-12-13",0.78183,{"date":234,"score":191,"percentile":235},"2025-12-14",0.78181,{"date":237,"score":191,"percentile":238},"2025-12-15",0.78178,{"date":240,"score":191,"percentile":241},"2025-12-16",0.7819,{"date":243,"score":244,"percentile":245},"2025-12-17",0.01992,0.83148,{"date":247,"score":248,"percentile":249},"2025-12-18",0.1748,0.94846,{"date":251,"score":248,"percentile":249},"2025-12-19",{"date":253,"score":254,"percentile":255},"2025-12-20",0.21613,0.95536,{"date":257,"score":254,"percentile":255},"2025-12-21",{"date":259,"score":254,"percentile":255},"2025-12-22",{"date":261,"score":254,"percentile":255},"2025-12-23",{"date":263,"score":254,"percentile":264},"2025-12-24",0.9554,{"date":266,"score":254,"percentile":267},"2025-12-25",0.95544,{"date":269,"score":254,"percentile":270},"2025-12-26",0.95545,{"date":272,"score":254,"percentile":273},"2025-12-27",0.95566,{"date":275,"score":254,"percentile":276},"2025-12-28",0.95542,{"date":278,"score":254,"percentile":267},"2025-12-29",{"date":280,"score":254,"percentile":267},"2025-12-30",{"date":282,"score":254,"percentile":283},"2025-12-31",0.95547,{"date":285,"score":286,"percentile":287},"2026-01-01",0.3492,0.96902,{"date":289,"score":286,"percentile":287},"2026-01-02",{"date":291,"score":286,"percentile":287},"2026-01-03",{"date":293,"score":254,"percentile":264},"2026-01-04",{"date":295,"score":254,"percentile":255},"2026-01-05",{"date":297,"score":254,"percentile":298},"2026-01-06",0.95537,{"date":300,"score":254,"percentile":298},"2026-01-07",{"date":302,"score":254,"percentile":264},"2026-01-08",{"date":304,"score":254,"percentile":305},"2026-01-09",0.95541,{"date":307,"score":254,"percentile":276},"2026-01-10",{"date":309,"score":254,"percentile":310},"2026-01-11",0.95539,{"date":312,"score":254,"percentile":264},"2026-01-12",{"date":314,"score":254,"percentile":264},"2026-01-13",{"date":316,"score":254,"percentile":317},"2026-01-14",0.95546,{"date":319,"score":254,"percentile":270},"2026-01-15",{"date":321,"score":254,"percentile":283},"2026-01-16",{"date":323,"score":254,"percentile":324},"2026-01-17",0.95549,{"date":326,"score":327,"percentile":328},"2026-01-18",0.21088,0.95472,{"date":330,"score":331,"percentile":332},"2026-01-19",0.20871,0.9544,{"date":334,"score":331,"percentile":335},"2026-01-20",0.95443,{"date":337,"score":331,"percentile":338},"2026-01-21",0.95445,{"date":340,"score":331,"percentile":341},"2026-01-22",0.95448,{"date":343,"score":331,"percentile":344},"2026-01-23",0.95453,{"date":346,"score":331,"percentile":347},"2026-01-24",0.95457,{"date":349,"score":331,"percentile":350},"2026-01-25",0.9546,{"date":352,"score":331,"percentile":353},"2026-01-26",0.95462,{"date":355,"score":331,"percentile":356},"2026-01-27",0.95461,{"date":358,"score":331,"percentile":359},"2026-01-28",0.95463,{"date":361,"score":331,"percentile":362},"2026-01-29",0.95466,{"date":364,"score":331,"percentile":365},"2026-01-30",0.95468,{"date":367,"score":331,"percentile":368},"2026-01-31",0.95471,{"date":370,"score":371,"percentile":372},"2026-02-01",0.36534,0.97035,[374,384],{"source":68,"cvss_v2_0":375,"cvss_v3_0":9,"cvss_v3_1":380,"cvss_v4_0":9},{"baseScore":376,"baseSeverity":9,"vectorString":377,"impactScore":378,"exploitabilityScore":379},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":66,"baseSeverity":381,"vectorString":69,"impactScore":382,"exploitabilityScore":383},"MEDIUM",4.5,7.2,{"source":75,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":385,"cvss_v4_0":9},{"baseScore":66,"baseSeverity":9,"vectorString":69,"impactScore":382,"exploitabilityScore":383},[387,402,451],{"ecosystem":9,"name":388,"vendor":389,"product":390,"cpe_part":391,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":392},"Apache Tomcat","apache software foundation","apache tomcat","a",[393,396,398,400],{"version":394,"is_range":63,"range_type":74,"version_start":394,"version_start_type":395,"version_end":394,"version_end_type":395,"fixed_in":9},"Apache Tomcat 8.5 8.5.50 to 8.5.81","including",{"version":397,"is_range":63,"range_type":74,"version_start":397,"version_start_type":395,"version_end":397,"version_end_type":395,"fixed_in":9},"Apache Tomcat 9 9.0.30 to 9.0.64",{"version":399,"is_range":63,"range_type":74,"version_start":399,"version_start_type":395,"version_end":399,"version_end_type":395,"fixed_in":9},"Apache Tomcat 10.0 10.0.0-M1 to 10.0.22",{"version":401,"is_range":63,"range_type":74,"version_start":401,"version_start_type":395,"version_end":401,"version_end_type":395,"fixed_in":9},"Apache Tomcat 10.1 10.1.0-M1 to 10.1.0-M16",{"ecosystem":9,"name":403,"vendor":9,"product":403,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":404},"Tomcat",[405,411,415,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449],{"version":406,"is_range":407,"range_type":408,"version_start":409,"version_start_type":395,"version_end":410,"version_end_type":395,"fixed_in":9},"gte8.5.50_lte8.5.81",true,"cpe","8.5.50","8.5.81",{"version":412,"is_range":407,"range_type":408,"version_start":413,"version_start_type":395,"version_end":414,"version_end_type":395,"fixed_in":9},"gte9.0.30_lte9.0.64","9.0.30","9.0.64",{"version":416,"is_range":407,"range_type":408,"version_start":417,"version_start_type":395,"version_end":418,"version_end_type":395,"fixed_in":9},"gte10.0.0_lte10.0.22","10.0.0","10.0.22",{"version":420,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone1",{"version":422,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone10",{"version":424,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone11",{"version":426,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone12",{"version":428,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone13",{"version":430,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone14",{"version":432,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone15",{"version":434,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone16",{"version":436,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone2",{"version":438,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone3",{"version":440,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone4",{"version":442,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone5",{"version":444,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone6",{"version":446,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone7",{"version":448,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone8",{"version":450,"is_range":63,"range_type":408,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone9",{"ecosystem":452,"name":453,"vendor":454,"product":455,"cpe_part":9,"purl_type":456,"purl_namespace":454,"purl_name":455,"source":9,"versions":457},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[458,464,467,470],{"version":459,"is_range":407,"range_type":460,"version_start":461,"version_start_type":395,"version_end":462,"version_end_type":463,"fixed_in":9},"gte10_1_0_M1_lt10_1_0_M17","ecosystem","10.1.0-M1","10.1.0-M17","excluding",{"version":465,"is_range":407,"range_type":460,"version_start":466,"version_start_type":395,"version_end":418,"version_end_type":463,"fixed_in":9},"gte10_0_0_M1_lt10_0_22","10.0.0-M1",{"version":468,"is_range":407,"range_type":460,"version_start":413,"version_start_type":395,"version_end":469,"version_end_type":463,"fixed_in":9},"gte9_0_30_lt9_0_65","9.0.65",{"version":471,"is_range":407,"range_type":460,"version_start":409,"version_start_type":395,"version_end":472,"version_end_type":463,"fixed_in":9},"gte8_5_50_lt8_5_82","8.5.82"]