[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-45648":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":538,"aliases":539,"duplicate_of":9,"upstream":542,"downstream":543,"duplicates":574,"related":575,"reserved_at":9,"published_at":581,"modified_at":582,"state":583,"summary":584,"references_raw":593,"kevs":655,"epss":656,"epss_history":659,"metrics":922,"affected":932},"CVE-2023-45648","Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially \ncrafted, invalid trailer header could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.",null,[11,531],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-20","Improper Input Validation","The product receives input or data, but it does\n        not validate or incorrectly validates that the input has the\n        properties that are required to process the data safely and\n        correctly.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,232,236,240,244,248,252,256,260,264,268,272,276,280,284,325,329,333,381,385,389,393,397,401,451,455,459,463,467,471,475,479,483,487,491,495,499,503,507,511,515,519,523,527],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-101","Server Side Include (SSI) Injection",[],{"id":29,"name":30,"techniques":31},"CAPEC-104","Cross Zone Scripting",[],{"id":33,"name":34,"techniques":35},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-109","Object Relational Mapping Injection",[],{"id":41,"name":42,"techniques":43},"CAPEC-110","SQL Injection through SOAP Parameter Tampering",[],{"id":45,"name":46,"techniques":47},"CAPEC-120","Double Encoding",[],{"id":49,"name":50,"techniques":51},"CAPEC-13","Subverting Environment Variable Values",[52,150,192],{"id":53,"name":54,"tactics":55,"countermeasures":62},"T1562.003","Impair Command History Logging",[56,59],{"id":57,"name":58},"TA0030","Defense Evasion",{"id":60,"name":61},"TA0005","Stealth",[63,68,73,77,81,85,90,94,99,104,108,112,117,121,126,130,134,138,142,146],{"id":64,"name":65,"tactic":66},"D3-CI","Configuration Inventory",{"name":67},"Model",{"id":69,"name":70,"tactic":71},"D3-FA","File Analysis",{"name":72},"Detect",{"id":74,"name":75,"tactic":76},"D3-FIM","File Integrity Monitoring",{"name":72},{"id":78,"name":79,"tactic":80},"D3-DA","Dynamic Analysis",{"name":72},{"id":82,"name":83,"tactic":84},"D3-EFA","Emulated File Analysis",{"name":72},{"id":86,"name":87,"tactic":88},"D3-FEV","File Eviction",{"name":89},"Evict",{"id":91,"name":92,"tactic":93},"D3-RKD","Registry Key Deletion",{"name":89},{"id":95,"name":96,"tactic":97},"D3-DF","Decoy File",{"name":98},"Deceive",{"id":100,"name":101,"tactic":102},"D3-DRA","Disable Remote Access",{"name":103},"Harden",{"id":105,"name":106,"tactic":107},"D3-ACH","Application Configuration Hardening",{"name":103},{"id":109,"name":110,"tactic":111},"D3-FE","File Encryption",{"name":103},{"id":113,"name":114,"tactic":115},"D3-RC","Restore Configuration",{"name":116},"Restore",{"id":118,"name":119,"tactic":120},"D3-RF","Restore File",{"name":116},{"id":122,"name":123,"tactic":124},"D3-CQ","Content Quarantine",{"name":125},"Isolate",{"id":127,"name":128,"tactic":129},"D3-CF","Content Filtering",{"name":125},{"id":131,"name":132,"tactic":133},"D3-LFP","Local File Permissions",{"name":125},{"id":135,"name":136,"tactic":137},"D3-RFAM","Remote File Access Mediation",{"name":125},{"id":139,"name":140,"tactic":141},"D3-CM","Content Modification",{"name":125},{"id":143,"name":144,"tactic":145},"D3-EAL","Executable Allowlisting",{"name":125},{"id":147,"name":148,"tactic":149},"D3-EDL","Executable Denylisting",{"name":125},{"id":151,"name":152,"tactics":153,"countermeasures":165},"T1574.006","Dynamic Linker Hijacking",[154,157,160,161,162],{"id":155,"name":156},"TA0110","Persistence",{"id":158,"name":159},"TA0111","Privilege Escalation",{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},"TA0104","Execution",[166,170,172,174,176,178,180,182,184,186,188,190],{"id":167,"name":168,"tactic":169},"D3-SFA","System File Analysis",{"name":72},{"id":69,"name":70,"tactic":171},{"name":72},{"id":74,"name":75,"tactic":173},{"name":72},{"id":86,"name":87,"tactic":175},{"name":89},{"id":95,"name":96,"tactic":177},{"name":98},{"id":109,"name":110,"tactic":179},{"name":103},{"id":118,"name":119,"tactic":181},{"name":116},{"id":127,"name":128,"tactic":183},{"name":125},{"id":131,"name":132,"tactic":185},{"name":125},{"id":135,"name":136,"tactic":187},{"name":125},{"id":122,"name":123,"tactic":189},{"name":125},{"id":139,"name":140,"tactic":191},{"name":125},{"id":193,"name":194,"tactics":195,"countermeasures":201},"T1574.007","Path Interception by PATH Environment Variable",[196,197,198,199,200],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[202,204,206,208,210,212,214,216,218,220,222,224,226,228,230],{"id":69,"name":70,"tactic":203},{"name":72},{"id":74,"name":75,"tactic":205},{"name":72},{"id":78,"name":79,"tactic":207},{"name":72},{"id":82,"name":83,"tactic":209},{"name":72},{"id":86,"name":87,"tactic":211},{"name":89},{"id":95,"name":96,"tactic":213},{"name":98},{"id":109,"name":110,"tactic":215},{"name":103},{"id":118,"name":119,"tactic":217},{"name":116},{"id":127,"name":128,"tactic":219},{"name":125},{"id":131,"name":132,"tactic":221},{"name":125},{"id":135,"name":136,"tactic":223},{"name":125},{"id":122,"name":123,"tactic":225},{"name":125},{"id":139,"name":140,"tactic":227},{"name":125},{"id":143,"name":144,"tactic":229},{"name":125},{"id":147,"name":148,"tactic":231},{"name":125},{"id":233,"name":234,"techniques":235},"CAPEC-135","Format String Injection",[],{"id":237,"name":238,"techniques":239},"CAPEC-136","LDAP Injection",[],{"id":241,"name":242,"techniques":243},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":245,"name":246,"techniques":247},"CAPEC-153","Input Data Manipulation",[],{"id":249,"name":250,"techniques":251},"CAPEC-182","Flash Injection",[],{"id":253,"name":254,"techniques":255},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":257,"name":258,"techniques":259},"CAPEC-22","Exploiting Trust in Client",[],{"id":261,"name":262,"techniques":263},"CAPEC-23","File Content Injection",[],{"id":265,"name":266,"techniques":267},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":269,"name":270,"techniques":271},"CAPEC-231","Oversized Serialized Data Payloads",[],{"id":273,"name":274,"techniques":275},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":277,"name":278,"techniques":279},"CAPEC-250","XML Injection",[],{"id":281,"name":282,"techniques":283},"CAPEC-261","Fuzzing for garnering other adjacent user/sensitive data",[],{"id":285,"name":286,"techniques":287},"CAPEC-267","Leverage Alternate Encoding",[288],{"id":289,"name":290,"tactics":291,"countermeasures":294},"T1027","Obfuscated Files or Information",[292,293],{"id":57,"name":58},{"id":60,"name":61},[295,297,299,301,303,305,307,309,311,313,315,317,319,321,323],{"id":69,"name":70,"tactic":296},{"name":72},{"id":74,"name":75,"tactic":298},{"name":72},{"id":78,"name":79,"tactic":300},{"name":72},{"id":82,"name":83,"tactic":302},{"name":72},{"id":86,"name":87,"tactic":304},{"name":89},{"id":95,"name":96,"tactic":306},{"name":98},{"id":109,"name":110,"tactic":308},{"name":103},{"id":118,"name":119,"tactic":310},{"name":116},{"id":127,"name":128,"tactic":312},{"name":125},{"id":131,"name":132,"tactic":314},{"name":125},{"id":135,"name":136,"tactic":316},{"name":125},{"id":122,"name":123,"tactic":318},{"name":125},{"id":139,"name":140,"tactic":320},{"name":125},{"id":143,"name":144,"tactic":322},{"name":125},{"id":147,"name":148,"tactic":324},{"name":125},{"id":326,"name":327,"techniques":328},"CAPEC-28","Fuzzing",[],{"id":330,"name":331,"techniques":332},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":334,"name":335,"techniques":336},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[337],{"id":338,"name":339,"tactics":340,"countermeasures":344},"T1539","Steal Web Session Cookie",[341],{"id":342,"name":343},"TA0031","Credential Access",[345,349,353,357,361,365,369,373,377],{"id":346,"name":347,"tactic":348},"D3-CCSA","Credential Compromise Scope Analysis",{"name":72},{"id":350,"name":351,"tactic":352},"D3-CR","Credential Revocation",{"name":89},{"id":354,"name":355,"tactic":356},"D3-ANCI","Authentication Cache Invalidation",{"name":89},{"id":358,"name":359,"tactic":360},"D3-DUC","Decoy User Credential",{"name":98},{"id":362,"name":363,"tactic":364},"D3-CH","Credential Hardening",{"name":103},{"id":366,"name":367,"tactic":368},"D3-MFA","Multi-factor Authentication",{"name":103},{"id":370,"name":371,"tactic":372},"D3-CRO","Credential Rotation",{"name":103},{"id":374,"name":375,"tactic":376},"D3-RIC","Reissue Credential",{"name":116},{"id":378,"name":379,"tactic":380},"D3-CTS","Credential Transmission Scoping",{"name":125},{"id":382,"name":383,"techniques":384},"CAPEC-42","MIME Conversion",[],{"id":386,"name":387,"techniques":388},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":390,"name":391,"techniques":392},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":394,"name":395,"techniques":396},"CAPEC-46","Overflow Variables and Tags",[],{"id":398,"name":399,"techniques":400},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":402,"name":403,"techniques":404},"CAPEC-473","Signature Spoof",[405,442],{"id":406,"name":407,"tactics":408,"countermeasures":411},"T1036.001","Invalid Code Signature",[409,410],{"id":57,"name":58},{"id":60,"name":61},[412,414,416,418,420,422,424,426,428,430,432,434,436,438,440],{"id":69,"name":70,"tactic":413},{"name":72},{"id":74,"name":75,"tactic":415},{"name":72},{"id":78,"name":79,"tactic":417},{"name":72},{"id":82,"name":83,"tactic":419},{"name":72},{"id":86,"name":87,"tactic":421},{"name":89},{"id":95,"name":96,"tactic":423},{"name":98},{"id":109,"name":110,"tactic":425},{"name":103},{"id":118,"name":119,"tactic":427},{"name":116},{"id":127,"name":128,"tactic":429},{"name":125},{"id":131,"name":132,"tactic":431},{"name":125},{"id":135,"name":136,"tactic":433},{"name":125},{"id":122,"name":123,"tactic":435},{"name":125},{"id":139,"name":140,"tactic":437},{"name":125},{"id":143,"name":144,"tactic":439},{"name":125},{"id":147,"name":148,"tactic":441},{"name":125},{"id":443,"name":444,"tactics":445,"countermeasures":450},"T1553.002","Code Signing",[446,447],{"id":57,"name":58},{"id":448,"name":449},"TA0112","Defense Impairment",[],{"id":452,"name":453,"techniques":454},"CAPEC-52","Embedding NULL Bytes",[],{"id":456,"name":457,"techniques":458},"CAPEC-53","Postfix, Null Terminate, and Backslash",[],{"id":460,"name":461,"techniques":462},"CAPEC-588","DOM-Based XSS",[],{"id":464,"name":465,"techniques":466},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":468,"name":469,"techniques":470},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":472,"name":473,"techniques":474},"CAPEC-664","Server Side Request Forgery",[],{"id":476,"name":477,"techniques":478},"CAPEC-67","String Format Overflow in syslog()",[],{"id":480,"name":481,"techniques":482},"CAPEC-7","Blind SQL Injection",[],{"id":484,"name":485,"techniques":486},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":488,"name":489,"techniques":490},"CAPEC-72","URL Encoding",[],{"id":492,"name":493,"techniques":494},"CAPEC-73","User-Controlled Filename",[],{"id":496,"name":497,"techniques":498},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":500,"name":501,"techniques":502},"CAPEC-79","Using Slashes in Alternate Encoding",[],{"id":504,"name":505,"techniques":506},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":508,"name":509,"techniques":510},"CAPEC-80","Using UTF-8 Encoding to Bypass Validation Logic",[],{"id":512,"name":513,"techniques":514},"CAPEC-81","Web Server Logs Tampering",[],{"id":516,"name":517,"techniques":518},"CAPEC-83","XPath Injection",[],{"id":520,"name":521,"techniques":522},"CAPEC-85","AJAX Footprinting",[],{"id":524,"name":525,"techniques":526},"CAPEC-88","OS Command Injection",[],{"id":528,"name":529,"techniques":530},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"_key":532,"id":532,"name":533,"description":534,"type":535,"status":536,"abstraction":9,"likelihood_of_exploit":9,"capec":537},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[],[540,541],"GHSA-r6j3-px5g-cq3x","BIT-tomcat-2023-45648",[],[544,546,548,550,552,554,556,558,560,562,564,566,568,570,572],{"_key":545},"OPENSUSE-SU-2024:13382-1",{"_key":547},"SUSE-SU-2023:4337-1",{"_key":549},"SUSE-SU-2023:4423-1",{"_key":551},"SUSE-SU-2024:0472-1",{"_key":553},"DLA-3617-1",{"_key":555},"DSA-5521-1",{"_key":557},"DSA-5522-1",{"_key":559},"MGASA-2023-0319",{"_key":561},"USN-7106-1",{"_key":563},"USN-7562-1",{"_key":565},"DEBIAN-CVE-2023-45648",{"_key":567},"RHSA-2023:6206",{"_key":569},"RHSA-2024:0125",{"_key":571},"RHSA-2024:0474",{"_key":573},"UBUNTU-CVE-2023-45648",[],[576,577,578,579,580],{"_key":545},{"_key":547},{"_key":549},{"_key":551},{"_key":559},"2023-10-10T18:38:34.097Z","2025-10-29T12:00:47.484Z","Modified",{"cisa_kev":585,"cisa_ransomware":585,"cisa_vendor":9,"epss_severity":586,"epss_score":587,"severity":588,"severity_score":589,"severity_version":590,"severity_source":591,"severity_vector":592,"severity_status":583},false,"critical",0.62079,"medium",5.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",[594,602,609,613,617,621,625,630,634,638,642,646,651],{"url":595,"sources":596,"tags":599},"https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp",[591,597,598],"nvd","osv_maven",[600,601],"Vendor Advisory","WEB",{"url":603,"sources":604,"tags":605},"http://www.openwall.com/lists/oss-security/2023/10/10/10",[591,597,598],[606,607,608,601],"X Transferred","Mailing List","Third Party Advisory",{"url":610,"sources":611,"tags":612},"https://www.debian.org/security/2023/dsa-5522",[591,597,598],[606,608,601],{"url":614,"sources":615,"tags":616},"https://www.debian.org/security/2023/dsa-5521",[591,597,598],[606,608,601],{"url":618,"sources":619,"tags":620},"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html",[591,597,598],[606,607,608,601],{"url":622,"sources":623,"tags":624},"https://security.netapp.com/advisory/ntap-20231103-0007/",[591,597],[606],{"url":626,"sources":627,"tags":628},"https://nvd.nist.gov/vuln/detail/CVE-2023-45648",[598],[629],"Advisory",{"url":631,"sources":632,"tags":633},"https://github.com/apache/tomcat/commit/59583245639d8c42ae0009f4a4a70464d3ea70a0",[598],[601],{"url":635,"sources":636,"tags":637},"https://github.com/apache/tomcat/commit/8ecff306507be8e4fd3adee1ae5de1ea6661a8f4",[598],[601],{"url":639,"sources":640,"tags":641},"https://github.com/apache/tomcat/commit/c83fe47725f7ae9ae213568d9039171124fb7ec6",[598],[601],{"url":643,"sources":644,"tags":645},"https://github.com/apache/tomcat/commit/eb5c094e5560764cda436362254997511a3ca1f6",[598],[601],{"url":647,"sources":648,"tags":649},"https://github.com/apache/tomcat",[598],[650],"PACKAGE",{"url":652,"sources":653,"tags":654},"https://security.netapp.com/advisory/ntap-20231103-0007",[598],[601],[],{"date":657,"score":587,"percentile":658},"2026-06-04",0.98367,[660,664,667,670,673,676,679,682,685,688,691,694,697,700,703,707,710,713,716,719,722,724,726,728,730,733,736,738,742,745,748,750,753,755,758,761,764,767,770,773,776,779,781,784,787,790,793,796,799,802,805,808,811,814,818,821,824,827,830,833,836,839,841,844,847,850,853,856,859,862,865,868,871,874,877,880,883,886,889,892,894,897,900,903,906,908,911,913,916,919],{"date":661,"score":662,"percentile":663},"2025-11-04",0.00732,0.7194,{"date":665,"score":662,"percentile":666},"2025-11-05",0.71924,{"date":668,"score":662,"percentile":669},"2025-11-06",0.71922,{"date":671,"score":662,"percentile":672},"2025-11-07",0.71936,{"date":674,"score":662,"percentile":675},"2025-11-08",0.71933,{"date":677,"score":662,"percentile":678},"2025-11-09",0.71926,{"date":680,"score":662,"percentile":681},"2025-11-10",0.71913,{"date":683,"score":662,"percentile":684},"2025-11-11",0.71921,{"date":686,"score":662,"percentile":687},"2025-11-12",0.71939,{"date":689,"score":662,"percentile":690},"2025-11-13",0.71946,{"date":692,"score":662,"percentile":693},"2025-11-14",0.71953,{"date":695,"score":662,"percentile":696},"2025-11-15",0.71952,{"date":698,"score":662,"percentile":699},"2025-11-16",0.71949,{"date":701,"score":662,"percentile":702},"2025-11-17",0.71942,{"date":704,"score":705,"percentile":706},"2025-11-18",0.03959,0.87225,{"date":708,"score":705,"percentile":709},"2025-11-19",0.87229,{"date":711,"score":705,"percentile":712},"2025-11-20",0.87233,{"date":714,"score":662,"percentile":715},"2025-11-21",0.71967,{"date":717,"score":662,"percentile":718},"2025-11-22",0.71962,{"date":720,"score":662,"percentile":721},"2025-11-23",0.71945,{"date":723,"score":662,"percentile":672},"2025-11-24",{"date":725,"score":662,"percentile":663},"2025-11-25",{"date":727,"score":662,"percentile":721},"2025-11-26",{"date":729,"score":662,"percentile":721},"2025-11-27",{"date":731,"score":662,"percentile":732},"2025-11-28",0.71934,{"date":734,"score":662,"percentile":735},"2025-11-29",0.71925,{"date":737,"score":662,"percentile":684},"2025-11-30",{"date":739,"score":740,"percentile":741},"2025-12-01",0.00694,0.71209,{"date":743,"score":740,"percentile":744},"2025-12-02",0.71224,{"date":746,"score":740,"percentile":747},"2025-12-03",0.71222,{"date":749,"score":662,"percentile":678},"2025-12-04",{"date":751,"score":662,"percentile":752},"2025-12-05",0.71938,{"date":754,"score":662,"percentile":687},"2025-12-06",{"date":756,"score":662,"percentile":757},"2025-12-07",0.71944,{"date":759,"score":662,"percentile":760},"2025-12-08",0.71947,{"date":762,"score":662,"percentile":763},"2025-12-09",0.7198,{"date":765,"score":662,"percentile":766},"2025-12-10",0.72018,{"date":768,"score":662,"percentile":769},"2025-12-11",0.72038,{"date":771,"score":662,"percentile":772},"2025-12-12",0.72062,{"date":774,"score":662,"percentile":775},"2025-12-13",0.72069,{"date":777,"score":662,"percentile":778},"2025-12-14",0.7207,{"date":780,"score":662,"percentile":778},"2025-12-15",{"date":782,"score":662,"percentile":783},"2025-12-16",0.72079,{"date":785,"score":662,"percentile":786},"2025-12-17",0.72095,{"date":788,"score":662,"percentile":789},"2025-12-18",0.72114,{"date":791,"score":662,"percentile":792},"2025-12-19",0.72129,{"date":794,"score":662,"percentile":795},"2025-12-20",0.7213,{"date":797,"score":662,"percentile":798},"2025-12-21",0.72123,{"date":800,"score":662,"percentile":801},"2025-12-22",0.72121,{"date":803,"score":662,"percentile":804},"2025-12-23",0.72117,{"date":806,"score":662,"percentile":807},"2025-12-24",0.72122,{"date":809,"score":662,"percentile":810},"2025-12-25",0.72147,{"date":812,"score":662,"percentile":813},"2025-12-26",0.72146,{"date":815,"score":816,"percentile":817},"2025-12-27",0.0054,0.67038,{"date":819,"score":662,"percentile":820},"2025-12-28",0.7212,{"date":822,"score":662,"percentile":823},"2025-12-29",0.72118,{"date":825,"score":662,"percentile":826},"2025-12-30",0.72132,{"date":828,"score":662,"percentile":829},"2025-12-31",0.72153,{"date":831,"score":740,"percentile":832},"2026-01-01",0.71461,{"date":834,"score":740,"percentile":835},"2026-01-02",0.71458,{"date":837,"score":740,"percentile":838},"2026-01-03",0.71456,{"date":840,"score":662,"percentile":829},"2026-01-04",{"date":842,"score":662,"percentile":843},"2026-01-05",0.72155,{"date":845,"score":662,"percentile":846},"2026-01-06",0.72166,{"date":848,"score":662,"percentile":849},"2026-01-07",0.7218,{"date":851,"score":662,"percentile":852},"2026-01-08",0.72195,{"date":854,"score":662,"percentile":855},"2026-01-09",0.722,{"date":857,"score":662,"percentile":858},"2026-01-10",0.72198,{"date":860,"score":662,"percentile":861},"2026-01-11",0.72191,{"date":863,"score":662,"percentile":864},"2026-01-12",0.72181,{"date":866,"score":662,"percentile":867},"2026-01-13",0.72178,{"date":869,"score":662,"percentile":870},"2026-01-14",0.72201,{"date":872,"score":662,"percentile":873},"2026-01-15",0.72206,{"date":875,"score":662,"percentile":876},"2026-01-16",0.72223,{"date":878,"score":662,"percentile":879},"2026-01-17",0.72219,{"date":881,"score":662,"percentile":882},"2026-01-18",0.72194,{"date":884,"score":662,"percentile":885},"2026-01-19",0.72187,{"date":887,"score":662,"percentile":888},"2026-01-20",0.7219,{"date":890,"score":662,"percentile":891},"2026-01-21",0.72192,{"date":893,"score":662,"percentile":870},"2026-01-22",{"date":895,"score":662,"percentile":896},"2026-01-23",0.72232,{"date":898,"score":662,"percentile":899},"2026-01-24",0.72239,{"date":901,"score":662,"percentile":902},"2026-01-25",0.7222,{"date":904,"score":662,"percentile":905},"2026-01-26",0.72217,{"date":907,"score":662,"percentile":905},"2026-01-27",{"date":909,"score":662,"percentile":910},"2026-01-28",0.7223,{"date":912,"score":662,"percentile":910},"2026-01-29",{"date":914,"score":662,"percentile":915},"2026-01-30",0.72237,{"date":917,"score":662,"percentile":918},"2026-01-31",0.7224,{"date":920,"score":740,"percentile":921},"2026-02-01",0.71534,[923,928,930],{"source":591,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":924,"cvss_v4_0":9},{"baseScore":589,"baseSeverity":925,"vectorString":592,"impactScore":926,"exploitabilityScore":927},"MEDIUM",2.3,10,{"source":597,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":929,"cvss_v4_0":9},{"baseScore":589,"baseSeverity":925,"vectorString":592,"impactScore":926,"exploitabilityScore":927},{"source":598,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":931,"cvss_v4_0":9},{"baseScore":589,"baseSeverity":9,"vectorString":592,"impactScore":926,"exploitabilityScore":927},[933,957,1088,1100,1117],{"ecosystem":9,"name":934,"vendor":935,"product":936,"cpe_part":937,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":938},"Apache Tomcat","apache software foundation","apache tomcat","a",[939,945,949,953],{"version":940,"is_range":941,"range_type":591,"version_start":942,"version_start_type":943,"version_end":944,"version_end_type":943,"fixed_in":9},">= 11.0.0-M1, \u003C= 11.0.0-M11",true,"11.0.0-M1","including","11.0.0-M11",{"version":946,"is_range":941,"range_type":591,"version_start":947,"version_start_type":943,"version_end":948,"version_end_type":943,"fixed_in":9},">= 10.1.0-M1, \u003C= 10.1.13","10.1.0-M1","10.1.13",{"version":950,"is_range":941,"range_type":591,"version_start":951,"version_start_type":943,"version_end":952,"version_end_type":943,"fixed_in":9},">= 9.0.0-M1, \u003C= 9.0.81","9.0.0-M1","9.0.81",{"version":954,"is_range":941,"range_type":591,"version_start":955,"version_start_type":943,"version_end":956,"version_end_type":943,"fixed_in":9},">= 8.5.0, \u003C= 8.5.93","8.5.0","8.5.93",{"ecosystem":9,"name":958,"vendor":9,"product":958,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":959},"Tomcat",[960,965,968,972,974,976,978,980,982,984,986,988,990,992,994,996,998,1000,1002,1004,1006,1008,1010,1012,1014,1016,1018,1020,1022,1024,1026,1028,1030,1032,1034,1036,1038,1040,1042,1044,1046,1048,1050,1052,1054,1056,1058,1060,1062,1064,1066,1068,1070,1072,1074,1076,1078,1080,1082,1084,1086],{"version":961,"is_range":941,"range_type":962,"version_start":955,"version_start_type":943,"version_end":963,"version_end_type":964,"fixed_in":9},"gte8.5.0_lt8.5.94","cpe","8.5.94","excluding",{"version":966,"is_range":941,"range_type":962,"version_start":967,"version_start_type":943,"version_end":952,"version_end_type":964,"fixed_in":9},"gte9.0.1_lt9.0.81","9.0.1",{"version":969,"is_range":941,"range_type":962,"version_start":970,"version_start_type":943,"version_end":971,"version_end_type":964,"fixed_in":9},"gte10.1.1_lt10.1.14","10.1.1","10.1.14",{"version":973,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone1",{"version":975,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone10",{"version":977,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone11",{"version":979,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone12",{"version":981,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone13",{"version":983,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone14",{"version":985,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone15",{"version":987,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone16",{"version":989,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone17",{"version":991,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone18",{"version":993,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone19",{"version":995,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone2",{"version":997,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone20",{"version":999,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone21",{"version":1001,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone22",{"version":1003,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone23",{"version":1005,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone24",{"version":1007,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone25",{"version":1009,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone26",{"version":1011,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone27",{"version":1013,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone3",{"version":1015,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone4",{"version":1017,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone5",{"version":1019,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone6",{"version":1021,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone7",{"version":1023,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone8",{"version":1025,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0.0:milestone9",{"version":1027,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone1",{"version":1029,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone10",{"version":1031,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone11",{"version":1033,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone12",{"version":1035,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone13",{"version":1037,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone14",{"version":1039,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone15",{"version":1041,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone16",{"version":1043,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone17",{"version":1045,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone18",{"version":1047,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone19",{"version":1049,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone2",{"version":1051,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone20",{"version":1053,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone3",{"version":1055,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone4",{"version":1057,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone5",{"version":1059,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone6",{"version":1061,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone7",{"version":1063,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone8",{"version":1065,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.1.0:milestone9",{"version":1067,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone1",{"version":1069,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone10",{"version":1071,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone11",{"version":1073,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone2",{"version":1075,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone3",{"version":1077,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone4",{"version":1079,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone5",{"version":1081,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone6",{"version":1083,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone7",{"version":1085,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone8",{"version":1087,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0.0:milestone9",{"ecosystem":9,"name":1089,"vendor":1090,"product":1091,"cpe_part":1092,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1093},"debian linux","debian","debian_linux","o",[1094,1096,1098],{"version":1095,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"version":1097,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"version":1099,"is_range":585,"range_type":962,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"ecosystem":1101,"name":1102,"vendor":1103,"product":1104,"cpe_part":9,"purl_type":1105,"purl_namespace":1103,"purl_name":1104,"source":9,"versions":1106},"Maven","org.apache.tomcat:tomcat","org.apache.tomcat","tomcat","maven",[1107,1111,1113,1115],{"version":1108,"is_range":941,"range_type":1109,"version_start":942,"version_start_type":943,"version_end":1110,"version_end_type":964,"fixed_in":9},"gte11_0_0_M1_lt11_0_0_M12","ecosystem","11.0.0-M12",{"version":1112,"is_range":941,"range_type":1109,"version_start":947,"version_start_type":943,"version_end":971,"version_end_type":964,"fixed_in":9},"gte10_1_0_M1_lt10_1_14",{"version":1114,"is_range":941,"range_type":1109,"version_start":951,"version_start_type":943,"version_end":952,"version_end_type":964,"fixed_in":9},"gte9_0_0_M1_lt9_0_81",{"version":1116,"is_range":941,"range_type":1109,"version_start":955,"version_start_type":943,"version_end":963,"version_end_type":964,"fixed_in":9},"gte8_5_0_lt8_5_94",{"ecosystem":1101,"name":1118,"vendor":1119,"product":1120,"cpe_part":9,"purl_type":1105,"purl_namespace":1119,"purl_name":1120,"source":9,"versions":1121},"org.apache.tomcat.embed:tomcat-embed-core","org.apache.tomcat.embed","tomcat-embed-core",[1122,1123,1124,1125],{"version":1108,"is_range":941,"range_type":1109,"version_start":942,"version_start_type":943,"version_end":1110,"version_end_type":964,"fixed_in":9},{"version":1112,"is_range":941,"range_type":1109,"version_start":947,"version_start_type":943,"version_end":971,"version_end_type":964,"fixed_in":9},{"version":1114,"is_range":941,"range_type":1109,"version_start":951,"version_start_type":943,"version_end":952,"version_end_type":964,"fixed_in":9},{"version":1116,"is_range":941,"range_type":1109,"version_start":955,"version_start_type":943,"version_end":963,"version_end_type":964,"fixed_in":9}]