[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-41080":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":28,"downstream":29,"duplicates":62,"related":63,"reserved_at":9,"published_at":74,"modified_at":75,"state":76,"summary":77,"references_raw":85,"kevs":145,"epss":146,"epss_history":149,"metrics":401,"affected":409},"CVE-2023-41080","URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\nOlder, EOL versions may also be affected.\n\n\nThe vulnerability is limited to the ROOT (default) web application.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[],[26,27],"GHSA-q3mw-pvr8-9ggc","BIT-tomcat-2023-41080",[],[30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60],{"_key":31},"SUSE-SU-2023:3987-1",{"_key":33},"SUSE-SU-2023:4129-1",{"_key":35},"SUSE-SU-2023:4423-1",{"_key":37},"OPENSUSE-SU-2024:13256-1",{"_key":39},"OPENSUSE-SU-2024:13441-1",{"_key":41},"DLA-3617-1",{"_key":43},"DSA-5521-1",{"_key":45},"DSA-5522-1",{"_key":47},"SUSE-SU-2026:1058-1",{"_key":49},"USN-7106-1",{"_key":51},"DEBIAN-CVE-2023-41080",{"_key":53},"RHSA-2024:0125",{"_key":55},"RHSA-2024:0474",{"_key":57},"RHSA-2024:1324",{"_key":59},"RHSA-2023:7622",{"_key":61},"UBUNTU-CVE-2023-41080",[],[64,65,66,67,68,69,70,72],{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":47},{"_key":71},"CGA-CHC4-69MH-93G6",{"_key":73},"CGA-WPFJ-6GVF-94PP","2023-08-25T20:39:36.584Z","2025-10-29T12:04:40.271Z","Modified",{"cisa_kev":78,"cisa_ransomware":78,"cisa_vendor":9,"epss_severity":79,"epss_score":80,"severity":79,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":76},false,"medium",0.11586,6.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[86,96,102,106,110,115,120,124,128,132,136,141],{"url":87,"sources":88,"tags":91},"https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f",[89,83,90],"cve.org","osv_maven",[92,93,94,95],"Vendor Advisory","Issue Tracking","Patch","WEB",{"url":97,"sources":98,"tags":99},"https://security.netapp.com/advisory/ntap-20230921-0006/",[89,83],[100,101],"X Transferred","Third Party Advisory",{"url":103,"sources":104,"tags":105},"https://www.debian.org/security/2023/dsa-5522",[89,83,90],[100,101,95],{"url":107,"sources":108,"tags":109},"https://www.debian.org/security/2023/dsa-5521",[89,83,90],[100,101,95],{"url":111,"sources":112,"tags":113},"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html",[89,83,90],[100,114,101,95],"Mailing List",{"url":116,"sources":117,"tags":118},"https://nvd.nist.gov/vuln/detail/CVE-2023-41080",[90],[119],"Advisory",{"url":121,"sources":122,"tags":123},"https://github.com/apache/tomcat/commit/4998ad745b67edeadefe541c94ed029b53933d3b",[90],[95],{"url":125,"sources":126,"tags":127},"https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b",[90],[95],{"url":129,"sources":130,"tags":131},"https://github.com/apache/tomcat/commit/bb4624a9f3e69d495182ebfa68d7983076407a27",[90],[95],{"url":133,"sources":134,"tags":135},"https://github.com/apache/tomcat/commit/e3703c9abb8fe0d5602f6ba8a8f11d4b6940815a",[90],[95],{"url":137,"sources":138,"tags":139},"https://github.com/apache/tomcat",[90],[140],"PACKAGE",{"url":142,"sources":143,"tags":144},"https://security.netapp.com/advisory/ntap-20230921-0006",[90],[95],[],{"date":147,"score":80,"percentile":148},"2026-06-04",0.93779,[150,154,157,160,163,166,169,171,174,177,180,183,186,189,192,196,199,201,204,206,209,212,215,217,219,221,224,227,231,234,237,240,243,245,248,251,254,257,260,263,266,269,272,274,277,280,283,286,288,291,293,296,299,302,305,308,311,313,316,319,322,324,326,329,332,334,337,339,342,344,346,349,352,354,357,360,363,366,368,370,373,376,379,382,385,387,390,392,395,398],{"date":151,"score":152,"percentile":153},"2025-11-04",0.11344,0.93227,{"date":155,"score":152,"percentile":156},"2025-11-05",0.93226,{"date":158,"score":152,"percentile":159},"2025-11-06",0.93228,{"date":161,"score":152,"percentile":162},"2025-11-07",0.93234,{"date":164,"score":152,"percentile":165},"2025-11-08",0.93233,{"date":167,"score":152,"percentile":168},"2025-11-09",0.93232,{"date":170,"score":152,"percentile":168},"2025-11-10",{"date":172,"score":152,"percentile":173},"2025-11-11",0.93236,{"date":175,"score":152,"percentile":176},"2025-11-12",0.93242,{"date":178,"score":152,"percentile":179},"2025-11-13",0.93246,{"date":181,"score":152,"percentile":182},"2025-11-14",0.93248,{"date":184,"score":152,"percentile":185},"2025-11-15",0.93241,{"date":187,"score":152,"percentile":188},"2025-11-16",0.93247,{"date":190,"score":152,"percentile":191},"2025-11-17",0.93245,{"date":193,"score":194,"percentile":195},"2025-11-18",0.68095,0.98615,{"date":197,"score":194,"percentile":198},"2025-11-19",0.98616,{"date":200,"score":194,"percentile":198},"2025-11-20",{"date":202,"score":152,"percentile":203},"2025-11-21",0.93258,{"date":205,"score":152,"percentile":203},"2025-11-22",{"date":207,"score":152,"percentile":208},"2025-11-23",0.93263,{"date":210,"score":152,"percentile":211},"2025-11-24",0.93264,{"date":213,"score":152,"percentile":214},"2025-11-25",0.93265,{"date":216,"score":152,"percentile":208},"2025-11-26",{"date":218,"score":152,"percentile":214},"2025-11-27",{"date":220,"score":152,"percentile":203},"2025-11-28",{"date":222,"score":152,"percentile":223},"2025-11-29",0.93267,{"date":225,"score":152,"percentile":226},"2025-11-30",0.93266,{"date":228,"score":229,"percentile":230},"2025-12-01",0.10812,0.93115,{"date":232,"score":229,"percentile":233},"2025-12-02",0.93119,{"date":235,"score":229,"percentile":236},"2025-12-03",0.93123,{"date":238,"score":152,"percentile":239},"2025-12-04",0.93269,{"date":241,"score":152,"percentile":242},"2025-12-05",0.93272,{"date":244,"score":152,"percentile":242},"2025-12-06",{"date":246,"score":152,"percentile":247},"2025-12-07",0.93273,{"date":249,"score":152,"percentile":250},"2025-12-08",0.93277,{"date":252,"score":152,"percentile":253},"2025-12-09",0.93278,{"date":255,"score":152,"percentile":256},"2025-12-10",0.93282,{"date":258,"score":152,"percentile":259},"2025-12-11",0.93287,{"date":261,"score":152,"percentile":262},"2025-12-12",0.9329,{"date":264,"score":152,"percentile":265},"2025-12-13",0.93295,{"date":267,"score":152,"percentile":268},"2025-12-14",0.93293,{"date":270,"score":152,"percentile":271},"2025-12-15",0.93296,{"date":273,"score":152,"percentile":268},"2025-12-16",{"date":275,"score":152,"percentile":276},"2025-12-17",0.93299,{"date":278,"score":152,"percentile":279},"2025-12-18",0.93302,{"date":281,"score":152,"percentile":282},"2025-12-19",0.93303,{"date":284,"score":152,"percentile":285},"2025-12-20",0.933,{"date":287,"score":152,"percentile":279},"2025-12-21",{"date":289,"score":152,"percentile":290},"2025-12-22",0.9331,{"date":292,"score":152,"percentile":282},"2025-12-23",{"date":294,"score":152,"percentile":295},"2025-12-24",0.93307,{"date":297,"score":152,"percentile":298},"2025-12-25",0.93322,{"date":300,"score":152,"percentile":301},"2025-12-26",0.9332,{"date":303,"score":152,"percentile":304},"2025-12-27",0.93356,{"date":306,"score":152,"percentile":307},"2025-12-28",0.93318,{"date":309,"score":152,"percentile":310},"2025-12-29",0.93316,{"date":312,"score":152,"percentile":307},"2025-12-30",{"date":314,"score":152,"percentile":315},"2025-12-31",0.93324,{"date":317,"score":229,"percentile":318},"2026-01-01",0.93168,{"date":320,"score":229,"percentile":321},"2026-01-02",0.93162,{"date":323,"score":229,"percentile":321},"2026-01-03",{"date":325,"score":152,"percentile":310},"2026-01-04",{"date":327,"score":152,"percentile":328},"2026-01-05",0.93312,{"date":330,"score":152,"percentile":331},"2026-01-06",0.93314,{"date":333,"score":152,"percentile":331},"2026-01-07",{"date":335,"score":152,"percentile":336},"2026-01-08",0.93317,{"date":338,"score":152,"percentile":298},"2026-01-09",{"date":340,"score":152,"percentile":341},"2026-01-10",0.93323,{"date":343,"score":152,"percentile":298},"2026-01-11",{"date":345,"score":152,"percentile":301},"2026-01-12",{"date":347,"score":152,"percentile":348},"2026-01-13",0.93319,{"date":350,"score":152,"percentile":351},"2026-01-14",0.93328,{"date":353,"score":152,"percentile":351},"2026-01-15",{"date":355,"score":152,"percentile":356},"2026-01-16",0.93333,{"date":358,"score":152,"percentile":359},"2026-01-17",0.93337,{"date":361,"score":152,"percentile":362},"2026-01-18",0.93331,{"date":364,"score":152,"percentile":365},"2026-01-19",0.93332,{"date":367,"score":152,"percentile":365},"2026-01-20",{"date":369,"score":152,"percentile":359},"2026-01-21",{"date":371,"score":152,"percentile":372},"2026-01-22",0.9334,{"date":374,"score":152,"percentile":375},"2026-01-23",0.93344,{"date":377,"score":152,"percentile":378},"2026-01-24",0.93349,{"date":380,"score":152,"percentile":381},"2026-01-25",0.93351,{"date":383,"score":152,"percentile":384},"2026-01-26",0.93354,{"date":386,"score":152,"percentile":304},"2026-01-27",{"date":388,"score":152,"percentile":389},"2026-01-28",0.9336,{"date":391,"score":152,"percentile":389},"2026-01-29",{"date":393,"score":152,"percentile":394},"2026-01-30",0.93359,{"date":396,"score":152,"percentile":397},"2026-01-31",0.93361,{"date":399,"score":229,"percentile":400},"2026-02-01",0.93204,[402,407],{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":403,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":404,"vectorString":84,"impactScore":405,"exploitabilityScore":406},"MEDIUM",4.5,7.2,{"source":90,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":408,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":9,"vectorString":84,"impactScore":405,"exploitabilityScore":406},[410,434,467,477,498],{"ecosystem":9,"name":411,"vendor":412,"product":413,"cpe_part":414,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":415},"Apache Tomcat","apache software foundation","apache tomcat","a",[416,422,426,430],{"version":417,"is_range":418,"range_type":89,"version_start":419,"version_start_type":420,"version_end":421,"version_end_type":420,"fixed_in":9},">= 11.0.0-M1, \u003C= 11.0.0-M10",true,"11.0.0-M1","including","11.0.0-M10",{"version":423,"is_range":418,"range_type":89,"version_start":424,"version_start_type":420,"version_end":425,"version_end_type":420,"fixed_in":9},">= 10.1.0-M1, \u003C= 10.0.12","10.1.0-M1","10.0.12",{"version":427,"is_range":418,"range_type":89,"version_start":428,"version_start_type":420,"version_end":429,"version_end_type":420,"fixed_in":9},">= 9.0.0-M1, \u003C= 9.0.79","9.0.0-M1","9.0.79",{"version":431,"is_range":418,"range_type":89,"version_start":432,"version_start_type":420,"version_end":433,"version_end_type":420,"fixed_in":9},">= 8.5.0, \u003C= 8.5.92","8.5.0","8.5.92",{"ecosystem":9,"name":435,"vendor":9,"product":435,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":436},"Tomcat",[437,440,443,447,449,451,453,455,457,459,461,463,465],{"version":438,"is_range":418,"range_type":439,"version_start":432,"version_start_type":420,"version_end":433,"version_end_type":420,"fixed_in":9},"gte8.5.0_lte8.5.92","cpe",{"version":441,"is_range":418,"range_type":439,"version_start":442,"version_start_type":420,"version_end":429,"version_end_type":420,"fixed_in":9},"gte9.0.0_lte9.0.79","9.0.0",{"version":444,"is_range":418,"range_type":439,"version_start":445,"version_start_type":420,"version_end":446,"version_end_type":420,"fixed_in":9},"gte10.1.0_lte10.1.12","10.1.0","10.1.12",{"version":448,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone1",{"version":450,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone10",{"version":452,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone2",{"version":454,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone3",{"version":456,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone4",{"version":458,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone5",{"version":460,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone6",{"version":462,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone7",{"version":464,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone8",{"version":466,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone9",{"ecosystem":9,"name":468,"vendor":469,"product":470,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"debian linux","debian","debian_linux","o",[473,475],{"version":474,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"version":476,"is_range":78,"range_type":439,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":478,"name":479,"vendor":480,"product":481,"cpe_part":9,"purl_type":482,"purl_namespace":480,"purl_name":481,"source":9,"versions":483},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[484,489,492,495],{"version":485,"is_range":418,"range_type":486,"version_start":419,"version_start_type":420,"version_end":487,"version_end_type":488,"fixed_in":9},"gte11_0_0_M1_lt11_0_0_M11","ecosystem","11.0.0-M11","excluding",{"version":490,"is_range":418,"range_type":486,"version_start":424,"version_start_type":420,"version_end":491,"version_end_type":488,"fixed_in":9},"gte10_1_0_M1_lt10_1_13","10.1.13",{"version":493,"is_range":418,"range_type":486,"version_start":428,"version_start_type":420,"version_end":494,"version_end_type":488,"fixed_in":9},"gte9_0_0_M1_lt9_0_80","9.0.80",{"version":496,"is_range":418,"range_type":486,"version_start":432,"version_start_type":420,"version_end":497,"version_end_type":488,"fixed_in":9},"gte8_5_0_lt8_5_93","8.5.93",{"ecosystem":478,"name":499,"vendor":500,"product":501,"cpe_part":9,"purl_type":482,"purl_namespace":500,"purl_name":501,"source":9,"versions":502},"org.apache.tomcat.embed:tomcat-embed-core","org.apache.tomcat.embed","tomcat-embed-core",[503,504,505,506],{"version":496,"is_range":418,"range_type":486,"version_start":432,"version_start_type":420,"version_end":497,"version_end_type":488,"fixed_in":9},{"version":493,"is_range":418,"range_type":486,"version_start":428,"version_start_type":420,"version_end":494,"version_end_type":488,"fixed_in":9},{"version":490,"is_range":418,"range_type":486,"version_start":424,"version_start_type":420,"version_end":491,"version_end_type":488,"fixed_in":9},{"version":485,"is_range":418,"range_type":486,"version_start":419,"version_start_type":420,"version_end":487,"version_end_type":488,"fixed_in":9}]