[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-UBUNTU-CVE-2016-9774":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":19,"related":20,"reserved_at":9,"published_at":22,"modified_at":23,"state":9,"summary":24,"references_raw":26,"kevs":50,"epss":9,"epss_history":51,"metrics":52,"affected":59},"UBUNTU-CVE-2016-9774","The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.",null,[],[],[],[14],{"_key":15},"CVE-2016-9774",[17],{"_key":18},"USN-3177-1",[],[21],{"_key":18},"2016-12-02T00:00:00Z","2026-06-04T12:45:09.917915793Z",{"cisa_kev":25,"cisa_ransomware":25,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[27,33,37,41,46],{"url":28,"sources":29,"tags":31},"https://ubuntu.com/security/CVE-2016-9774",[30],"osv_ubuntu",[32],"REPORT",{"url":34,"sources":35,"tags":36},"http://www.openwall.com/lists/oss-security/2016/12/02/5",[30],[32],{"url":38,"sources":39,"tags":40},"http://www.openwall.com/lists/oss-security/2016/12/02/10",[30],[32],{"url":42,"sources":43,"tags":44},"https://ubuntu.com/security/notices/USN-3177-1",[30],[45],"Advisory",{"url":47,"sources":48,"tags":49},"https://www.cve.org/CVERecord?id=CVE-2016-9774",[30],[32],[],[],[53],{"source":30,"cvss_v2_0":9,"cvss_v3_0":54,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":55,"baseSeverity":9,"vectorString":56,"impactScore":57,"exploitabilityScore":58},7.8,"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,[60,70,80],{"ecosystem":61,"name":62,"vendor":63,"product":62,"cpe_part":9,"purl_type":64,"purl_namespace":63,"purl_name":62,"source":9,"versions":65},"Ubuntu","tomcat6","ubuntu","deb",[66],{"version":67,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"ecosystem":61,"name":71,"vendor":63,"product":71,"cpe_part":9,"purl_type":64,"purl_namespace":63,"purl_name":71,"source":9,"versions":72},"tomcat7",[73,77],{"version":74,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":75,"version_end_type":76,"fixed_in":9},"lt7_0_52_1ubuntu0_8","7.0.52-1ubuntu0.8","excluding",{"version":78,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":76,"fixed_in":9},"lt7_0_68_1ubuntu0_3","7.0.68-1ubuntu0.3",{"ecosystem":61,"name":81,"vendor":63,"product":81,"cpe_part":9,"purl_type":64,"purl_namespace":63,"purl_name":81,"source":9,"versions":82},"tomcat8",[83],{"version":84,"is_range":68,"range_type":69,"version_start":9,"version_start_type":9,"version_end":85,"version_end_type":76,"fixed_in":9},"lt8_0_32_1ubuntu1_3","8.0.32-1ubuntu1.3"]