From 713edd1f9d6827fe02af92e39d6dfbbbabb184cd Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Mon, 26 Dec 2022 13:28:34 -0800 Subject: [PATCH 01/15] Save initial migration updates #970 References: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 544 +++++++++++++++++--- vulnerabilities/tests/test_apache_tomcat.py | 266 +++------- 2 files changed, 525 insertions(+), 285 deletions(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 99cb8ce67..ce81ee639 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -7,20 +7,28 @@ # See https://aboutcode.org for more information about nexB OSS projects. # -import asyncio +# import json only for temporary testing +import json import re +# import asyncio +import urllib + import requests from bs4 import BeautifulSoup from packageurl import PackageURL +from univers.version_constraint import VersionConstraint from univers.version_range import MavenVersionRange from univers.versions import MavenVersion from univers.versions import SemverVersion from vulnerabilities.importer import AdvisoryData +from vulnerabilities.importer import AffectedPackage from vulnerabilities.importer import Importer from vulnerabilities.importer import Reference +from vulnerabilities.importer import VulnerabilitySeverity from vulnerabilities.package_managers import MavenVersionAPI +from vulnerabilities.severity_systems import GENERIC from vulnerabilities.utils import create_etag from vulnerabilities.utils import nearest_patched_package @@ -28,114 +36,480 @@ class ApacheTomcatImporter(Importer): base_url = "https://tomcat.apache.org/security-{}" + security_updates_home = "https://tomcat.apache.org/security" + spdx_license_expression = "Apache-2.0" + license_url = "https://www.apache.org/licenses/" + + temp_list_of_fixed_versions = [] - def __init__(self, *args, **kwargs): - super().__init__(*args, **kwargs) - self.version_api = MavenVersionAPI() - asyncio.run(self.version_api.load_api({"org.apache.tomcat:tomcat"})) + temp_advisory_dict_list = [] + + updated_temp_advisory_dict_list = [] def updated_advisories(self): advisories = [] - for advisory_page in self.fetch_pages(): + + for advisory_page in self.fetch_pages(self.security_updates_home): advisories.extend(self.to_advisories(advisory_page)) - return self.batch_advisories(advisories) - - def fetch_pages(self): - # Here Semver is used because it has notion of major, minor versions. - tomcat_major_versions = { - SemverVersion(i).value.major - for i in self.version_api.get("org.apache.tomcat:tomcat").valid_versions - } - for version in tomcat_major_versions: - page_url = self.base_url.format(version) - if create_etag(self, page_url, "ETag"): - yield requests.get(page_url).content + + apache_tomcat_advisories = "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisories_refactored-02.txt" + + with open(apache_tomcat_advisories, "w") as f: + for line in advisories: + f.write(f"{line}\n") + + temp_advisory_to_dict_list = [] + for adv in advisories: + adv_dict = adv.to_dict() + temp_advisory_to_dict_list.append(adv_dict) + + with open( + "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisories_to_dict-02.json", + "w", + encoding="utf-8", + ) as f: + json.dump(temp_advisory_to_dict_list, f, ensure_ascii=False, indent=4) + + with open( + "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_fixed_version_list-00.txt", + "w", + ) as f: + for line in self.temp_list_of_fixed_versions: + f.write(f"{line}\n") + + with open( + "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisory_dict_list-00.json", + "w", + encoding="utf-8", + ) as f: + json.dump(self.temp_advisory_dict_list, f, ensure_ascii=False, indent=4) + + with open( + "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisory_dict_list-00-updated.json", + "w", + encoding="utf-8", + ) as f: + json.dump(self.updated_temp_advisory_dict_list, f, ensure_ascii=False, indent=4) + + return advisories + + def fetch_links(self, url): + links = [] + data = requests.get(url).content + soup = BeautifulSoup(data, features="lxml") + for tag in soup.find_all("a"): + link = tag.get("href") + + if "security-" in link and any(char.isdigit() for char in link): + links.append(urllib.parse.urljoin(url, link)) + + return links + + def fetch_pages(self, security_updates_home): + links = self.fetch_links(security_updates_home) + for page_url in links: + yield requests.get(page_url).content def to_advisories(self, apache_tomcat_advisory_html): advisories = [] page_soup = BeautifulSoup(apache_tomcat_advisory_html, features="lxml") pageh3s = page_soup.find_all("h3") - vuln_headings = [i for i in pageh3s if "Fixed in Apache Tomcat" in i.text] - for data in vuln_headings: - fixed_version = data.text.split("Fixed in Apache Tomcat")[-1].strip() - details_div = data.find_next_sibling() + vuln_headings = [heading for heading in pageh3s if "Fixed in Apache Tomcat" in heading.text] + + for vuln_heading in vuln_headings: + fixed_versions = [] + fixed_version = vuln_heading.text.split("Fixed in Apache Tomcat")[-1].strip() + print("fixed_version = {}".format(fixed_version)) + + if "and" in fixed_version: + # temp_fixed_version = fixed_version.split("and") + # new_fixed_version = ", ".join(temp_fixed_version) + # fixed_version = ", ".join(str(e).strip() for e in temp_fixed_version) + + # try this in place of above: + fixed_versions = fixed_version.split(" and ") + else: + fixed_versions.append(fixed_version) + + # if we define fixed_versions immediately above, we don't want this next line: + # fixed_versions.append(fixed_version) + print("fixed_versions = {}".format(fixed_versions)) + + details_div = vuln_heading.find_next_sibling() + + # =============================== 2022-12-25 Sunday 13:25:12. Start CVE section experiment + + # We want to start with + # vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] + # if p_tag.text.startswith(tuple(vuln_p_list)): + + vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] + # for section in details_div.find_all("p", string=(tuple(vuln_p_list))): + for section in details_div.find_all("p"): + # # for subsection in section.find_all("strong", text=(tuple(vuln_p_list))): + # for subsection in section.find_all( + # # "strong", text=lambda text: text and (tuple(vuln_p_list)) in text + # "strong", + # # this works but tests just 1 value from the list + # # text=lambda text: text and "Low:" in text, + # # 2022-12-25 Sunday 14:47:23. Looks like this works! Though doesn't require startswith . . . . + # # text=lambda text: text and any(word in text for word in vuln_p_list), + # # TODO: 2022-12-25 Sunday 14:55:09. This also seems to work at 1st glance and uses startswith!!! + # # text=lambda text: text and any(text.startswith(word) for word in vuln_p_list), + # # TODO: 2022-12-25 Sunday 15:05:44. And this also seems to work at 1st glance and also uses startswith!!! + # text=lambda text: text and text.startswith(tuple(vuln_p_list)), + # ): + # print( + # "\n-----------------------------------------------------------------------------------" + # ) + # print("\nsection = {}\n".format(section)) + + # print("fixed_versions = {}".format(fixed_versions)) + + # nextNode = section + # while True: + # # nextNode = nextNode.nextSibling + # nextNode = nextNode.find_next_sibling() + # try: + # tag_name = nextNode.name + # except AttributeError: + # tag_name = "" + # # I want to exclude but this does not do that: + # # if tag_name == "p" and not tag_name.find("strong"): + # if tag_name == "p": + # print("\nnextNode.string = {}".format(nextNode.string)) + # else: + # # print("*****") + # break + + # print( + # "\n-----------------------------------------------------------------------------------" + # ) + + # if section.name == "strong": + # print("\nHOORAY!\n") + + # # children = section.findChildren("strong", recursive=False) + # children = section.find_next_sibling("strong") + # for child in children: + # print("\nchild = \n".format(child)) + + elements = section.find_all( + # # "strong", text=lambda text: text and (tuple(vuln_p_list)) in text + "strong", + # this works but tests just 1 value from the list + # text=lambda text: text and "Low:" in text, + # 2022-12-25 Sunday 14:47:23. Looks like this works! Though doesn't require startswith . . . . + # text=lambda text: text and any(word in text for word in vuln_p_list), + # TODO: 2022-12-25 Sunday 14:55:09. This also seems to work at 1st glance and uses startswith!!! + # text=lambda text: text and any(text.startswith(word) for word in vuln_p_list), + # TODO: 2022-12-25 Sunday 15:05:44. And this also seems to work at 1st glance and also uses startswith!!! + text=lambda text: text and text.startswith(tuple(vuln_p_list)), + ) + + for strong_element in elements: + + # Is this where we want our test_advisory_dict = {}? + test_advisory_dict = {} + + print( + "\n-----------------------------------------------------------------------------------" + ) + + print("\nfixed_versions = {}".format(fixed_versions)) + + print("\nstrong_element = {}".format(strong_element)) + print( + "\nstrong_element.find_parent() = {}".format(strong_element.find_parent()) + ) + + severity_score = strong_element.text.split(" ")[0] + severity_score = severity_score.split(":")[0] + print("\nseverity_score = {}\n".format(severity_score)) + + strong_parent = strong_element.find_parent() + + cve_url_list = strong_parent.find_all("a") + print("cve_url_list = {}\n".format(cve_url_list)) + + cve_id_list = [cve_text.text for cve_text in cve_url_list] + print("cve_id_list = {}\n".format(cve_id_list)) + + for cve_url in strong_parent.find_all("a"): + print("cve_url = {}\n".format(cve_url)) + print("cve_url.text = {}".format(cve_url.text)) + + # Extracting all the next siblings of an element + # nextSibling = strong_element.find_next_sibling() + # nextSiblings = strong_element.find_next_siblings() + + nextSiblings = strong_parent.find_next_siblings() + + # Print all the next siblings + # print("\nnextSibling = {}".format(nextSibling)) + + # Comment out unless needed -- takes up much terminal output real estate. + # print("\nnextSiblings = {}".format(nextSiblings)) + + # 2022-12-25 Sunday 20:05:51. This might do what we want: + for sib in nextSiblings: + if "was fixed in" in sib.text or "was fixed with" in sib.text: + print("\nnext sib (was fixed) = {}".format(sib)) + fixed_commit_list = sib.find_all("a") + print("\nfixed_commit_list = {}".format(fixed_commit_list)) + elif "Affects" in sib.text: + print("\nnext sib (affects) = {}\n".format(sib)) + affects_string = sib.text.split("Affects:")[-1].strip() + print("affects_string = {}\n".format(affects_string)) + affected_versions = affects_string.split(",") + print("affected_versions = {}\n".format(affected_versions)) + elif sib.find_all( + "strong", + text=lambda text: text and text.startswith(tuple(vuln_p_list)), + ): + break + # else: + # print("\nsib.name = {}".format(sib.name)) + + # Starting to flesh out this new approach. + for cve_id_record in cve_id_list: + test_advisory_dict["fixed_versions"] = fixed_versions + test_advisory_dict["aliases"] = [cve_id_record] + + self.updated_temp_advisory_dict_list.append(test_advisory_dict) + + print( + "-------------------------------------------------------------------------------------\n" + ) - for anchor_tag in details_div.find_all("a"): - if "cve.mitre.org" not in anchor_tag["href"]: - continue + # =============================== 2022-12-25 Sunday 13:25:12. End CVE section experiment - cve_id = re.search(r"CVE-\d*-\d*", anchor_tag.text).group() - references = [] + versions_data = [] + + fixed_in_commits = [] + for aa_tag in details_div.find_all("a"): + if ( + "was fixed in" in aa_tag.find_parent().text + or "was fixed with" in aa_tag.find_parent().text + ): + fixed_in_commits.append(aa_tag["href"]) + print("fixed_in_commits = {}".format(fixed_in_commits)) + # 2022-12-25 Sunday 09:20:55. ^ This works to some extent -- but we have a duplicate problem when a Fixed-in header (the 'vuln_heading in vuln_headings' loop we're now in) has more than 1 Low/Moderate/High/Important CVE section -- all sections have all fixed in commit References! Example: 6.0.48. + # We need to loop through the Low/Moderate/High/Important CVE section, grab the data and build the AvisoryData() object, then do the same for the remaining Low/Moderate/High/Important CVE sections (if any). + + for p_tag in details_div.find_all("p"): + """ + - We're iterating through a number of sibling

elements and want to handle them in groups of related

elements. + + - The group of related

elements begins with an

element whose text starts with "Fixed in Apache Tomcat" or "Will not be fixed in Apache Tomcat" or "Not fixed in Apache Tomcat" -- that's the `for vuln_heading in vuln_headings:` loop above -- we're inside it now. + + - The

element is followed by a
element which contains the full set of sibling

elements that we want to divide into groups and handle group-by-group. + + - We're also now inside a child loop of that `vuln_heading` loop -- `for p_tag in details_div.find_all("p"):`. + + - The relevant starting

element of each group of related

elements begins with "Low:", "Moderate:", "High:" or "Important:". We want to grab the severity rating that begins that text (e.g., "Low"). + + - This text is inside

and occasionally includes a CVE URL. In addition, there are 1+ CVE URLs included just before the closing

tag. We want all those CVE URLs + + - We want the URLs (if any) in the

elements that list fixing commits -- these either start with "This was fixed" or contain "fixed in". Some have more than 1 URL. These will be references and we want all these URLs. + + - We end this group of related sibling

elements when we (1) reach the next "Low:/Moderate:/High:/Important:"

element or (2) reach the last

element in the fixed-version heading -- the end of the "for vuln_heading in vuln_headings:" loop we're currently in. + + - Now we construct the AffectedPackage() object(s) and then the AdvisoryData object + + - If there are more

elements to iterate over and group and analyze, we do that next. If not, we go to the next iteration in the `vuln_heading` loop -- the next fixed-version heading -- and repeat the process. I think `if not p_tag: continue` might accomplish this. + + """ + + cve_id_group = [] affected_packages = [] - paragraph = anchor_tag.find_parent() + advisory_dict = {} + severity_score = "" + severities = [] - while paragraph and "Affects:" not in paragraph.text: - for ref in paragraph.find_all("a"): - references.append(Reference(url=ref["href"])) + affects_versions_data_01 = "" - paragraph = paragraph.find_next_sibling() + if "Affects:" in p_tag.text: + affects_versions_data_01 = p_tag.text.split("Affects:")[-1].strip() + print("==> affects_versions_data_01 = {}".format(affects_versions_data_01)) + advisory_dict["affected_versions"] = affects_versions_data_01 - if not paragraph: - # At the end of details_div - continue + # if p_tag.find("strong") and p_tag.find("a"): + vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] + if p_tag.text.startswith(tuple(vuln_p_list)): + severity_score = p_tag.text.split(":")[0] + # severities.append(severity_score) + severities.append( + VulnerabilitySeverity( + system=GENERIC, + value=severity_score, + scoring_elements="", + ) + ) + # print("severity_score = {}".format(severity_score)) - for version_range in parse_version_ranges(paragraph.text): - affected_packages.extend( - [ - PackageURL( - type="maven", namespace="apache", name="tomcat", version=version + affects_versions_data_02 = "" + + if "Affects:" in p_tag.text: + affects_versions_data_02 = p_tag.text.split("Affects:")[-1].strip() + print("==> affects_versions_data_02 = {}".format(affects_versions_data_02)) + # ^ This never prints. + + # versions_data.append(p_tag.text.split("Affects:")[-1].strip()) + + # test_versions_data = p_tag.text.split("Affects:")[-1].strip() + # print("==> test_versions_data = {}".format(test_versions_data)) + + jmh_temp_cve_list = [] + for a_tag in p_tag.find_all("a"): + # versions_data = [] + + if "cve.mitre.org" not in a_tag["href"]: + # if "fixed in" in p_tag.text: + # fixed_in_commits.append(a_tag["href"]) + continue + cve_id_group.append(re.search(r"CVE-\d*-\d*", a_tag.text).group()) + + cve_id = re.search(r"CVE-\d*-\d*", a_tag.text).group() + + if "Affects:" in p_tag.text: + OG_versions_data = p_tag.text.split("Affects:")[-1].strip() + print("==> OG_versions_data = {}".format(OG_versions_data)) + # versions_data.append(p_tag.text.split("Affects:")[-1].strip()) + + # test_versions_data = p_tag.text.split("Affects:")[-1].strip() + # print("==> test_versions_data = {}".format(test_versions_data)) + + print("versions_data = {}".format(versions_data)) + print("*** affects_versions_data_01 = {}".format(affects_versions_data_01)) + print("cve_id_group = {}".format(cve_id_group)) + + # print("fixed_in_commits = {}".format(fixed_in_commits)) + print( + "-------------------------------fixed_versions = {}".format( + fixed_versions ) - for version in self.version_api.get( - "org.apache.tomcat:tomcat" - ).valid_versions - if MavenVersion(version) in version_range + ) + + # for cve_id in cve_id_group: + advisory_dict["aliases"] = [cve_id] + advisory_dict["fixed_versions"] = fixed_versions + # advisory_dict["affected_versions"] = versions_data + advisory_dict["severity_score"] = severity_score + + self.temp_advisory_dict_list.append(advisory_dict) + + affected_version_range = self.to_version_ranges( + versions_data, fixed_versions + ) + references = [ + Reference( + url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", + reference_id=cve_id, + severities=severities, + ), ] + + for commit_url in fixed_in_commits: + references.append(Reference(url=commit_url)) + + affected_packages.append( + AffectedPackage( + package=PackageURL( + type="maven", + namespace="apache", + name="tomcat", + ), + affected_version_range=affected_version_range, + ) + ) + + advisories.append( + AdvisoryData( + aliases=[cve_id], + summary="", + affected_packages=affected_packages, + references=references, + ) + ) + + self.temp_list_of_fixed_versions.append(fixed_versions) + + return advisories + + def to_version_ranges(self, versions_data, fixed_versions): + constraints = [] + + for version_item in versions_data: + if "to" in version_item: + version_item_split = version_item.split(" ") + + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(version_item_split[0]), + ) + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(version_item_split[-1]), ) + ) + + elif "-" in version_item: + # elif "-" in version_item and not any([i.isalpha() for i in version_item]): + # version_item_split = version_item.split(" ") + version_item_split = version_item.split("-") - fixed_package = [ - PackageURL( - type="maven", namespace="apache", name="tomcat", version=fixed_version + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(version_item_split[0]), ) - ] - - advisories.append( - AdvisoryData( - summary="", - affected_packages=nearest_patched_package(affected_packages, fixed_package), - vulnerability_id=cve_id, - references=references, + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(version_item_split[-1]), ) ) - return advisories + else: + version_item_split = version_item.split(" ") + + constraints.append( + VersionConstraint( + comparator="=", + version=MavenVersion(version_item_split[0]), + ) + ) + for fixed_item in fixed_versions: + if "-" in fixed_item and not any([i.isalpha() for i in fixed_item]): + fixed_item_split = fixed_item.split(" ") + + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(fixed_item_split[0]), + ).invert() + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(fixed_item_split[-1]), + ).invert() + ) + + else: + fixed_item_split = fixed_item.split(" ") + + constraints.append( + VersionConstraint( + comparator="=", + version=MavenVersion(fixed_item_split[0]), + ).invert() + ) -def parse_version_ranges(string): - """ - This method yields VersionRange objects obtained by - parsing `string`. - >>> list(parse_version_ranges("Affects: 9.0.0.M1 to 9.0.0.M9")) == [ - ... VersionRange.from_scheme_version_spec_string('maven','<=9.0.0.M9,>=9.0.0.M1') - ... ] - True - >>> list(parse_version_ranges("Affects: 9.0.0.M1")) == [ - ... VersionRange.from_scheme_version_spec_string('maven','>=9.0.0.M1,<=9.0.0.M1') - ... ] - True - >>> list(parse_version_ranges("Affects: 9.0.0.M1 to 9.0.0.M9, 1.2.3 to 3.4.5")) == [ - ... VersionRange.from_scheme_version_spec_string('maven','<=9.0.0.M9,>=9.0.0.M1'), - ... VersionRange.from_scheme_version_spec_string('maven','<=3.4.5,>=1.2.3') - ... ] - True - """ - version_rng_txt = string.split("Affects:")[-1].strip() - version_ranges = version_rng_txt.split(",") - for version_range in version_ranges: - if "to" in version_range: - lower_bound, upper_bound = version_range.split("to") - elif "-" in version_range and not any([i.isalpha() for i in version_range]): - lower_bound, upper_bound = version_range.split("-") - else: - lower_bound = upper_bound = version_range - - yield MavenVersionRange.from_native(f">={lower_bound},<={upper_bound}") + return MavenVersionRange(constraints=constraints) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 1e7bb34b1..0957a6dff 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -12,6 +12,9 @@ from unittest.mock import patch from packageurl import PackageURL +from univers.version_constraint import VersionConstraint +from univers.version_range import MavenVersionRange +from univers.versions import MavenVersion from vulnerabilities.importer import AdvisoryData from vulnerabilities.importer import Reference @@ -21,204 +24,67 @@ from vulnerabilities.utils import AffectedPackage BASE_DIR = os.path.dirname(os.path.abspath(__file__)) -TEST_DATA = os.path.join(BASE_DIR, "test_data", "apache_tomcat", "security-9.html") - - -class TestApacheTomcatImporter(TestCase): - @classmethod - def setUpClass(cls): - data_source_cfg = {"etags": {}} - mock_api = MavenVersionAPI( - cache={ - "org.apache.tomcat:tomcat": [ - PackageVersion("9.0.0.M1"), - PackageVersion("9.0.0.M2"), - PackageVersion("8.0.0.M1"), - PackageVersion("6.0.0M2"), - ] - } +TEST_DATA = os.path.join(BASE_DIR, "test_data/apache_tomcat") + +security_updates_home = "https://tomcat.apache.org/security" + + +# This test is temporary -- just for running apache_tomcat.py using all HTML report pages. +# Will replace with a REGEN-based test as with apache_httpd and postgresql. +def test_updated_advisories(): + returned_advisories = ApacheTomcatImporter().updated_advisories() + + +def test_fetch_links(): + retrieved_links = ApacheTomcatImporter().fetch_links(security_updates_home) + + assert retrieved_links == [ + "https://tomcat.apache.org/security-10.html", + "https://tomcat.apache.org/security-9.html", + "https://tomcat.apache.org/security-8.html", + "https://tomcat.apache.org/security-7.html", + "https://tomcat.apache.org/security-6.html", + "https://tomcat.apache.org/security-5.html", + "https://tomcat.apache.org/security-4.html", + "https://tomcat.apache.org/security-3.html", + ] + + +def test_to_version_ranges_test(): + versions_data = [ + "1.0.0-2.0.0", + "3.2.2-3.2.3?", + "3.3a-3.3.1", + "9.0.0.M1 to 9.0.0.M9", + "10.1.0-M1 to 10.1.0-M16", + ] + fixed_versions = ["3.0.0", "3.3.1a"] + + expected_versions_data = "vers:maven/>=1.0.0|<=2.0.0|!=3.0.0|>=3.2.2|<=3.2.3?|>=3.3a|<=3.3.1|!=3.3.1a|>=9.0.0.M1|<=9.0.0.M9|>=10.1.0-M1|<=10.1.0-M16" + + expected_MavenVersionRange_versions_data = MavenVersionRange( + constraints=( + VersionConstraint(comparator=">=", version=MavenVersion(string="1.0.0")), + VersionConstraint(comparator="<=", version=MavenVersion(string="2.0.0")), + VersionConstraint(comparator="!=", version=MavenVersion(string="3.0.0")), + VersionConstraint(comparator=">=", version=MavenVersion(string="3.2.2")), + VersionConstraint(comparator="<=", version=MavenVersion(string="3.2.3?")), + VersionConstraint(comparator=">=", version=MavenVersion(string="3.3a")), + VersionConstraint(comparator="<=", version=MavenVersion(string="3.3.1")), + VersionConstraint(comparator="!=", version=MavenVersion(string="3.3.1a")), + VersionConstraint(comparator=">=", version=MavenVersion(string="9.0.0.M1")), + VersionConstraint(comparator="<=", version=MavenVersion(string="9.0.0.M9")), + VersionConstraint(comparator=">=", version=MavenVersion(string="10.1.0-M1")), + VersionConstraint(comparator="<=", version=MavenVersion(string="10.1.0-M16")), ) - with patch("vulnerabilities.importers.apache_tomcat.MavenVersionAPI"): - with patch("vulnerabilities.importers.apache_tomcat.asyncio"): - cls.data_src = ApacheTomcatImporter(1, config=data_source_cfg) - cls.data_src.version_api = mock_api - - def test_to_advisories(self): - expected_advisories = [ - AdvisoryData( - summary="", - vulnerability_id="CVE-2015-5351", - affected_packages=[ - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="8.0.0.M1", - qualifiers={}, - subpath=None, - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - qualifiers={}, - subpath=None, - ), - ), - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M1", - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - ), - ), - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M2", - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - ), - ), - ], - references=[ - Reference( - reference_id="", - url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1720652", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1720655", - severities=[], - ), - ], - ), - AdvisoryData( - summary="", - vulnerability_id="CVE-2016-0706", - affected_packages=[ - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M1", - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - ), - ) - ], - references=[ - Reference( - reference_id="", - url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1722799", - severities=[], - ), - ], - ), - AdvisoryData( - summary="", - vulnerability_id="CVE-2016-0714", - affected_packages={}, - references=[ - Reference( - reference_id="", - url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1725263", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1725914", - severities=[], - ), - ], - ), - AdvisoryData( - summary="", - vulnerability_id="CVE-2016-0763", - affected_packages=[ - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M1", - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - ), - ), - AffectedPackage( - vulnerable_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M2", - ), - patched_package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - version="9.0.0.M3", - ), - ), - ], - references=[ - Reference( - reference_id="", - url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763", - severities=[], - ), - Reference( - reference_id="", - url="https://svn.apache.org/viewvc?view=rev&rev=1725926", - severities=[], - ), - ], - ), - ] - - with open(TEST_DATA) as f: - found_advisories = self.data_src.to_advisories(f) - - found_advisories = list(map(AdvisoryData.normalized, found_advisories)) - expected_advisories = list(map(AdvisoryData.normalized, expected_advisories)) - assert sorted(found_advisories) == sorted(expected_advisories) + ) + + converted_versions_data = ApacheTomcatImporter().to_version_ranges( + versions_data, fixed_versions + ) + + # print("\nvers_test = {}\n".format(MavenVersionRange.from_string("vers:maven/>=1.0.0|<=2.0.0"))) + # print("\nconverted_versions_data = {}\n".format(converted_versions_data)) + + assert expected_MavenVersionRange_versions_data == converted_versions_data + assert MavenVersionRange.from_string(expected_versions_data) == converted_versions_data From 22389cba3269bef74b748476b53f03522f922b72 Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Thu, 29 Dec 2022 11:12:54 -0800 Subject: [PATCH 02/15] Create extract_advisories_from_page() #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 570 ++++++++++---------- vulnerabilities/severity_systems.py | 22 + vulnerabilities/tests/test_apache_tomcat.py | 217 +++++++- 3 files changed, 525 insertions(+), 284 deletions(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index ce81ee639..abc63ec84 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -7,11 +7,8 @@ # See https://aboutcode.org for more information about nexB OSS projects. # -# import json only for temporary testing +import dataclasses import json -import re - -# import asyncio import urllib import requests @@ -20,398 +17,332 @@ from univers.version_constraint import VersionConstraint from univers.version_range import MavenVersionRange from univers.versions import MavenVersion -from univers.versions import SemverVersion from vulnerabilities.importer import AdvisoryData from vulnerabilities.importer import AffectedPackage from vulnerabilities.importer import Importer from vulnerabilities.importer import Reference from vulnerabilities.importer import VulnerabilitySeverity -from vulnerabilities.package_managers import MavenVersionAPI -from vulnerabilities.severity_systems import GENERIC -from vulnerabilities.utils import create_etag -from vulnerabilities.utils import nearest_patched_package +from vulnerabilities.severity_systems import APACHE_TOMCAT + +TRACE = True class ApacheTomcatImporter(Importer): - base_url = "https://tomcat.apache.org/security-{}" - security_updates_home = "https://tomcat.apache.org/security" spdx_license_expression = "Apache-2.0" license_url = "https://www.apache.org/licenses/" temp_list_of_fixed_versions = [] - temp_advisory_dict_list = [] - updated_temp_advisory_dict_list = [] + record_of_all_affects_elements = [] + record_of_all_affects_strings = [] + record_of_all_affected_version_strings = [] + + def fetch_advisory_pages(self): + """ + Yield the content of each HTML page containing version-related security data. + """ + links = self.fetch_advisory_links("https://tomcat.apache.org/security") + for page_url in links: + yield requests.get(page_url).content + + def fetch_advisory_links(self, url): + """ + Yield the URLs of each Tomcat version security-related page. + Each page link is in the form of `https://tomcat.apache.org/security-10.html`, + for instance, for v10. + """ + data = requests.get(url).content + soup = BeautifulSoup(data, features="lxml") + for tag in soup.find_all("a"): + link = tag.get("href") + + if "security-" in link and any(char.isdigit() for char in link): + yield urllib.parse.urljoin(url, link) - def updated_advisories(self): + def advisory_data(self): + """ + Return a list of AdvisoryData. + """ advisories = [] - for advisory_page in self.fetch_pages(self.security_updates_home): - advisories.extend(self.to_advisories(advisory_page)) + for advisory_page in self.fetch_advisory_pages(self.security_updates_home): + advisories.extend(self.extract_advisories_from_page(advisory_page)) + + if TRACE: + self.debug_advisory_data(advisories) + + return advisories + + def debug_advisory_data(self, advisories): - apache_tomcat_advisories = "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisories_refactored-02.txt" + apache_tomcat_advisories = "apache_tomcat_advisories_refactored-02.txt" with open(apache_tomcat_advisories, "w") as f: - for line in advisories: - f.write(f"{line}\n") + for advisory in advisories: + f.write(f"{advisory}\n") temp_advisory_to_dict_list = [] for adv in advisories: adv_dict = adv.to_dict() temp_advisory_to_dict_list.append(adv_dict) + # TODO: 2022-12-26 Monday 16:17:38. With my new ("better") approach, throws error: TypeError: Object of type Tag is not JSON serializable with open( - "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisories_to_dict-02.json", + "apache_tomcat_advisories_to_dict-02.json", "w", encoding="utf-8", ) as f: json.dump(temp_advisory_to_dict_list, f, ensure_ascii=False, indent=4) with open( - "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_fixed_version_list-00.txt", + "apache_tomcat_fixed_version_list-00.txt", "w", ) as f: for line in self.temp_list_of_fixed_versions: f.write(f"{line}\n") with open( - "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisory_dict_list-00.json", + "apache_tomcat_advisory_dict_list-00.json", "w", encoding="utf-8", ) as f: json.dump(self.temp_advisory_dict_list, f, ensure_ascii=False, indent=4) with open( - "/mnt/c/wsl2-spyder-substitute-01/apache_tomcat_importer/apache_tomcat_advisory_dict_list-00-updated.json", + "apache_tomcat_advisory_dict_list-00-updated.json", "w", encoding="utf-8", ) as f: json.dump(self.updated_temp_advisory_dict_list, f, ensure_ascii=False, indent=4) - return advisories - - def fetch_links(self, url): - links = [] - data = requests.get(url).content - soup = BeautifulSoup(data, features="lxml") - for tag in soup.find_all("a"): - link = tag.get("href") - - if "security-" in link and any(char.isdigit() for char in link): - links.append(urllib.parse.urljoin(url, link)) + tomcat_affects_elements = "record_of_all_affects_elements-2022-12-27-00.txt" + with open(tomcat_affects_elements, "w") as f: + for line in self.record_of_all_affects_elements: + f.write(f"{line}\n") - return links + tomcat_affects_strings = "record_of_all_affects_strings-2022-12-27-00.txt" + with open(tomcat_affects_strings, "w") as f: + for line in self.record_of_all_affects_strings: + f.write(f"{line}\n") - def fetch_pages(self, security_updates_home): - links = self.fetch_links(security_updates_home) - for page_url in links: - yield requests.get(page_url).content + tomcat_affected_version_strings = "record_of_all_affected_version_strings-2022-12-27-00.txt" + with open(tomcat_affected_version_strings, "w") as f: + for line in self.record_of_all_affected_version_strings: + f.write(f"{line}\n") - def to_advisories(self, apache_tomcat_advisory_html): - advisories = [] + def extract_advisories_from_page(self, apache_tomcat_advisory_html): + """ + Return a list of AdvisoryData extracted from the HTML text ``apache_tomcat_advisory_html``. + """ page_soup = BeautifulSoup(apache_tomcat_advisory_html, features="lxml") + # We're looking for headers -- one for each advisory -- like this: + #

2022-10-10 Fixed in Apache Tomcat 10.0.27

pageh3s = page_soup.find_all("h3") - vuln_headings = [heading for heading in pageh3s if "Fixed in Apache Tomcat" in heading.text] + fixed_version_headings = [ + heading for heading in pageh3s if "Fixed in Apache Tomcat" in heading.text + ] - for vuln_heading in vuln_headings: + advisories = [] + for fixed_version_heading in fixed_version_headings: fixed_versions = [] - fixed_version = vuln_heading.text.split("Fixed in Apache Tomcat")[-1].strip() - print("fixed_version = {}".format(fixed_version)) - - if "and" in fixed_version: - # temp_fixed_version = fixed_version.split("and") - # new_fixed_version = ", ".join(temp_fixed_version) - # fixed_version = ", ".join(str(e).strip() for e in temp_fixed_version) + fixed_version = fixed_version_heading.text.split("Fixed in Apache Tomcat")[-1].strip() + if TRACE: + print("fixed_version = {}".format(fixed_version)) - # try this in place of above: + # We want to handle the occasional "and" in the fixed version headers, e.g., + #

5 September 2016 Fixed in Apache Tomcat 8.5.5 and 8.0.37

+ if " and " in fixed_version: fixed_versions = fixed_version.split(" and ") else: fixed_versions.append(fixed_version) - # if we define fixed_versions immediately above, we don't want this next line: - # fixed_versions.append(fixed_version) - print("fixed_versions = {}".format(fixed_versions)) + if TRACE: + print("fixed_versions = {}".format(fixed_versions)) + + # Each group of fixed-version-related data is contained in a div that immediately follows the h3 element, e.g., + #

8 November 2016 Fixed in Apache Tomcat 8.5.8

+ #
...
+ fixed_version_paras = fixed_version_heading.find_next_sibling() + + # See https://tomcat.apache.org/security-impact.html for scoring. + # Each advisory section starts with a

element, + # the text of which starts with, e.g., "Low:", so we look for these here, e.g., + #

Low: Apache Tomcat request smugglingCVE-2022-42252

+ severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + # A list of groups of paragraphs, each for a single Tomcat Advisory. + advisory_groups = [] + current_group = [] + for para in fixed_version_paras.find_all("p"): + if para.text.startswith(severities): + if current_group: + current_group = [] + else: + advisory_groups.append(current_group) + + current_group.append(para) + + else: + if current_group: + current_group.append(para) + else: + pass + + severity_score = para.text.split(" ")[0] + severity_score = severity_score.split(":")[0] + print("\nseverity_score = {}\n".format(severity_score)) - details_div = vuln_heading.find_next_sibling() - - # =============================== 2022-12-25 Sunday 13:25:12. Start CVE section experiment - - # We want to start with - # vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] - # if p_tag.text.startswith(tuple(vuln_p_list)): - - vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] - # for section in details_div.find_all("p", string=(tuple(vuln_p_list))): - for section in details_div.find_all("p"): - # # for subsection in section.find_all("strong", text=(tuple(vuln_p_list))): - # for subsection in section.find_all( - # # "strong", text=lambda text: text and (tuple(vuln_p_list)) in text - # "strong", - # # this works but tests just 1 value from the list - # # text=lambda text: text and "Low:" in text, - # # 2022-12-25 Sunday 14:47:23. Looks like this works! Though doesn't require startswith . . . . - # # text=lambda text: text and any(word in text for word in vuln_p_list), - # # TODO: 2022-12-25 Sunday 14:55:09. This also seems to work at 1st glance and uses startswith!!! - # # text=lambda text: text and any(text.startswith(word) for word in vuln_p_list), - # # TODO: 2022-12-25 Sunday 15:05:44. And this also seems to work at 1st glance and also uses startswith!!! - # text=lambda text: text and text.startswith(tuple(vuln_p_list)), - # ): - # print( - # "\n-----------------------------------------------------------------------------------" - # ) - # print("\nsection = {}\n".format(section)) - - # print("fixed_versions = {}".format(fixed_versions)) - - # nextNode = section - # while True: - # # nextNode = nextNode.nextSibling - # nextNode = nextNode.find_next_sibling() - # try: - # tag_name = nextNode.name - # except AttributeError: - # tag_name = "" - # # I want to exclude but this does not do that: - # # if tag_name == "p" and not tag_name.find("strong"): - # if tag_name == "p": - # print("\nnextNode.string = {}".format(nextNode.string)) - # else: - # # print("*****") - # break - - # print( - # "\n-----------------------------------------------------------------------------------" - # ) - - # if section.name == "strong": - # print("\nHOORAY!\n") - - # # children = section.findChildren("strong", recursive=False) - # children = section.find_next_sibling("strong") - # for child in children: - # print("\nchild = \n".format(child)) - - elements = section.find_all( - # # "strong", text=lambda text: text and (tuple(vuln_p_list)) in text - "strong", - # this works but tests just 1 value from the list - # text=lambda text: text and "Low:" in text, - # 2022-12-25 Sunday 14:47:23. Looks like this works! Though doesn't require startswith . . . . - # text=lambda text: text and any(word in text for word in vuln_p_list), - # TODO: 2022-12-25 Sunday 14:55:09. This also seems to work at 1st glance and uses startswith!!! - # text=lambda text: text and any(text.startswith(word) for word in vuln_p_list), - # TODO: 2022-12-25 Sunday 15:05:44. And this also seems to work at 1st glance and also uses startswith!!! - text=lambda text: text and text.startswith(tuple(vuln_p_list)), - ) + print("===") - for strong_element in elements: + better_cve_url_list = para.find_all("a") + print("better_cve_url_list = {}\n".format(better_cve_url_list)) - # Is this where we want our test_advisory_dict = {}? - test_advisory_dict = {} + better_cve_id_list = [cve_text.text for cve_text in better_cve_url_list] + print("better_cve_id_list = {}\n".format(better_cve_id_list)) - print( - "\n-----------------------------------------------------------------------------------" - ) + for better_cve_url in para.find_all("a"): + print("better_cve_url = {}\n".format(better_cve_url)) + print("better_cve_url.text = {}".format(better_cve_url.text)) - print("\nfixed_versions = {}".format(fixed_versions)) + better_nextSiblings = para.find_next_siblings() - print("\nstrong_element = {}".format(strong_element)) - print( - "\nstrong_element.find_parent() = {}".format(strong_element.find_parent()) - ) + print("===") - severity_score = strong_element.text.split(" ")[0] - severity_score = severity_score.split(":")[0] - print("\nseverity_score = {}\n".format(severity_score)) - - strong_parent = strong_element.find_parent() + section_parent = para.find_parent() - cve_url_list = strong_parent.find_all("a") + cve_url_list = section_parent.find_all("a") print("cve_url_list = {}\n".format(cve_url_list)) cve_id_list = [cve_text.text for cve_text in cve_url_list] print("cve_id_list = {}\n".format(cve_id_list)) - for cve_url in strong_parent.find_all("a"): + for cve_url in section_parent.find_all("a"): print("cve_url = {}\n".format(cve_url)) print("cve_url.text = {}".format(cve_url.text)) - # Extracting all the next siblings of an element - # nextSibling = strong_element.find_next_sibling() - # nextSiblings = strong_element.find_next_siblings() - - nextSiblings = strong_parent.find_next_siblings() + nextSiblings = section_parent.find_next_siblings() - # Print all the next siblings - # print("\nnextSibling = {}".format(nextSibling)) + print("===") - # Comment out unless needed -- takes up much terminal output real estate. - # print("\nnextSiblings = {}".format(nextSiblings)) + fixed_commit_list = [] + affected_versions = [] - # 2022-12-25 Sunday 20:05:51. This might do what we want: - for sib in nextSiblings: + for sib in better_nextSiblings: if "was fixed in" in sib.text or "was fixed with" in sib.text: print("\nnext sib (was fixed) = {}".format(sib)) fixed_commit_list = sib.find_all("a") print("\nfixed_commit_list = {}".format(fixed_commit_list)) + elif "Affects" in sib.text: print("\nnext sib (affects) = {}\n".format(sib)) + + # 2022-12-27 Tuesday 18:47:28. We need the list of `sib` elements to examine -- and test -- the raw HTML. + self.record_of_all_affects_elements.append(sib) + + # 2022-12-27 Tuesday 14:47:51. We'll examine the affects_string and try to find and remove unwanted alpha and related characters/strings. + # === + # This version is before stripping/replacing etc. affects_string = sib.text.split("Affects:")[-1].strip() print("affects_string = {}\n".format(affects_string)) - affected_versions = affects_string.split(",") - print("affected_versions = {}\n".format(affected_versions)) + self.record_of_all_affects_strings.append(affects_string) + + affected_versions = affects_string.split(", ") + print("> affected_versions = {}\n".format(affected_versions)) + self.record_of_all_affected_version_strings.append(affected_versions) + # === + # This version is with most but not all of the stripping/replacing. + # affects_string = sib.text.split("Affects:")[-1].strip() + # affects_string = affects_string.replace("\n", "") + # affects_string = " ".join(affects_string.split()) + # affects_string_no_parens = re.sub(r" ?\([^)]+\)", "", affects_string) + # # print("affects_string = {}\n".format(affects_string)) + # # self.record_of_all_affects_strings.append(affects_string) + # print( + # "affects_string_no_parens = {}\n".format(affects_string_no_parens) + # ) + # self.record_of_all_affects_strings.append(affects_string_no_parens) + + # # affected_versions = affects_string.split(", ") + # affected_versions = affects_string_no_parens.split(", ") + # print("> affected_versions = {}\n".format(affected_versions)) + # self.record_of_all_affected_version_strings.append(affected_versions) + # === + elif sib.find_all( "strong", - text=lambda text: text and text.startswith(tuple(vuln_p_list)), + text=lambda text: text and text.startswith(tuple(severities)), ): break - # else: - # print("\nsib.name = {}".format(sib.name)) # Starting to flesh out this new approach. - for cve_id_record in cve_id_list: - test_advisory_dict["fixed_versions"] = fixed_versions - test_advisory_dict["aliases"] = [cve_id_record] - - self.updated_temp_advisory_dict_list.append(test_advisory_dict) - - print( - "-------------------------------------------------------------------------------------\n" - ) - - # =============================== 2022-12-25 Sunday 13:25:12. End CVE section experiment - - versions_data = [] - - fixed_in_commits = [] - for aa_tag in details_div.find_all("a"): - if ( - "was fixed in" in aa_tag.find_parent().text - or "was fixed with" in aa_tag.find_parent().text - ): - fixed_in_commits.append(aa_tag["href"]) - print("fixed_in_commits = {}".format(fixed_in_commits)) - # 2022-12-25 Sunday 09:20:55. ^ This works to some extent -- but we have a duplicate problem when a Fixed-in header (the 'vuln_heading in vuln_headings' loop we're now in) has more than 1 Low/Moderate/High/Important CVE section -- all sections have all fixed in commit References! Example: 6.0.48. - # We need to loop through the Low/Moderate/High/Important CVE section, grab the data and build the AvisoryData() object, then do the same for the remaining Low/Moderate/High/Important CVE sections (if any). - - for p_tag in details_div.find_all("p"): - """ - - We're iterating through a number of sibling

elements and want to handle them in groups of related

elements. - - - The group of related

elements begins with an

element whose text starts with "Fixed in Apache Tomcat" or "Will not be fixed in Apache Tomcat" or "Not fixed in Apache Tomcat" -- that's the `for vuln_heading in vuln_headings:` loop above -- we're inside it now. + # for cve_id_record in cve_id_list: + # test_advisory_dict["fixed_versions"] = fixed_versions + # test_advisory_dict["aliases"] = [cve_id_record] - - The

element is followed by a
element which contains the full set of sibling

elements that we want to divide into groups and handle group-by-group. + temp_dict_list = [] - - We're also now inside a child loop of that `vuln_heading` loop -- `for p_tag in details_div.find_all("p"):`. + print("\n1. affected_versions = {}\n".format(affected_versions)) - - The relevant starting

element of each group of related

elements begins with "Low:", "Moderate:", "High:" or "Important:". We want to grab the severity rating that begins that text (e.g., "Low"). - - - This text is inside

and occasionally includes a CVE URL. In addition, there are 1+ CVE URLs included just before the closing

tag. We want all those CVE URLs - - - We want the URLs (if any) in the

elements that list fixing commits -- these either start with "This was fixed" or contain "fixed in". Some have more than 1 URL. These will be references and we want all these URLs. - - - We end this group of related sibling

elements when we (1) reach the next "Low:/Moderate:/High:/Important:"

element or (2) reach the last

element in the fixed-version heading -- the end of the "for vuln_heading in vuln_headings:" loop we're currently in. - - - Now we construct the AffectedPackage() object(s) and then the AdvisoryData object - - - If there are more

elements to iterate over and group and analyze, we do that next. If not, we go to the next iteration in the `vuln_heading` loop -- the next fixed-version heading -- and repeat the process. I think `if not p_tag: continue` might accomplish this. - - """ - - cve_id_group = [] - affected_packages = [] - advisory_dict = {} - severity_score = "" - severities = [] - - affects_versions_data_01 = "" + for better_cve_id_record in better_cve_id_list: + # 2022-12-26 Monday 14:41:11. This is where `test_advisory_dict = {}` belongs! Now we have data for the double-CVEs! + test_advisory_dict = {} + test_advisory_dict["fixed_versions"] = fixed_versions + test_advisory_dict["aliases"] = [better_cve_id_record] - if "Affects:" in p_tag.text: - affects_versions_data_01 = p_tag.text.split("Affects:")[-1].strip() - print("==> affects_versions_data_01 = {}".format(affects_versions_data_01)) - advisory_dict["affected_versions"] = affects_versions_data_01 + self.updated_temp_advisory_dict_list.append(test_advisory_dict) - # if p_tag.find("strong") and p_tag.find("a"): - vuln_p_list = ["Low:", "Moderate:", "Important:", "High:"] - if p_tag.text.startswith(tuple(vuln_p_list)): - severity_score = p_tag.text.split(":")[0] - # severities.append(severity_score) - severities.append( - VulnerabilitySeverity( - system=GENERIC, - value=severity_score, - scoring_elements="", + print( + "==========================> better_cve_id_record = {}".format( + better_cve_id_record + ) ) - ) - # print("severity_score = {}".format(severity_score)) - - affects_versions_data_02 = "" - - if "Affects:" in p_tag.text: - affects_versions_data_02 = p_tag.text.split("Affects:")[-1].strip() - print("==> affects_versions_data_02 = {}".format(affects_versions_data_02)) - # ^ This never prints. - - # versions_data.append(p_tag.text.split("Affects:")[-1].strip()) - - # test_versions_data = p_tag.text.split("Affects:")[-1].strip() - # print("==> test_versions_data = {}".format(test_versions_data)) - - jmh_temp_cve_list = [] - for a_tag in p_tag.find_all("a"): - # versions_data = [] - if "cve.mitre.org" not in a_tag["href"]: - # if "fixed in" in p_tag.text: - # fixed_in_commits.append(a_tag["href"]) - continue - cve_id_group.append(re.search(r"CVE-\d*-\d*", a_tag.text).group()) + temp_dict_list.append(test_advisory_dict) - cve_id = re.search(r"CVE-\d*-\d*", a_tag.text).group() - - if "Affects:" in p_tag.text: - OG_versions_data = p_tag.text.split("Affects:")[-1].strip() - print("==> OG_versions_data = {}".format(OG_versions_data)) - # versions_data.append(p_tag.text.split("Affects:")[-1].strip()) - - # test_versions_data = p_tag.text.split("Affects:")[-1].strip() - # print("==> test_versions_data = {}".format(test_versions_data)) - - print("versions_data = {}".format(versions_data)) - print("*** affects_versions_data_01 = {}".format(affects_versions_data_01)) - print("cve_id_group = {}".format(cve_id_group)) - - # print("fixed_in_commits = {}".format(fixed_in_commits)) - print( - "-------------------------------fixed_versions = {}".format( - fixed_versions + # TODO: 2022-12-26 Monday 14:55:49. Is this where we build the "better" AdvisoryData() objects? + better_severities = [] + better_severities.append( + VulnerabilitySeverity( + system=APACHE_TOMCAT, + value=severity_score, + scoring_elements="", ) ) - # for cve_id in cve_id_group: - advisory_dict["aliases"] = [cve_id] - advisory_dict["fixed_versions"] = fixed_versions - # advisory_dict["affected_versions"] = versions_data - advisory_dict["severity_score"] = severity_score - - self.temp_advisory_dict_list.append(advisory_dict) + print("\n2. affected_versions = {}\n".format(affected_versions)) affected_version_range = self.to_version_ranges( - versions_data, fixed_versions + # versions_data, fixed_versions + affected_versions, + # TODO: 2022-12-26 Monday 16:01:08. fix this! + # ["1.1"], + # ["8.5.0 to 8.5.4", " 8.0.0.RC1 to 8.0.36"], + # ["3.0", " 3.1-3.1.1", " 3.2-3.2.1"], + # TODO: 2022-12-26 Monday 17:56:04. This identified the problem -- a space at the start of the 2nd range! + # ["8.5.0 to 8.5.4", "8.0.0.RC1 to 8.0.36"], + fixed_versions, ) references = [ Reference( - url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", - reference_id=cve_id, - severities=severities, + # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", + url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", + # reference_id=cve_id, + reference_id=better_cve_id_record, + # severities=severities, + severities=better_severities, ), ] - for commit_url in fixed_in_commits: - references.append(Reference(url=commit_url)) + # for commit_url in fixed_in_commits: + for commit_url in fixed_commit_list: + # references.append(Reference(url=commit_url)) + # TODO: 2022-12-26 Monday 17:23:38. Does this fix the error TypeError: Object of type Tag is not JSON serializable? Yes. + references.append(Reference(url=commit_url["href"])) + + # 2022-12-26 Monday 15:37:02. Does this belong here? + affected_packages = [] affected_packages.append( AffectedPackage( @@ -426,14 +357,14 @@ def to_advisories(self, apache_tomcat_advisory_html): advisories.append( AdvisoryData( - aliases=[cve_id], + aliases=[better_cve_id_record], summary="", affected_packages=affected_packages, references=references, ) ) - self.temp_list_of_fixed_versions.append(fixed_versions) + self.temp_list_of_fixed_versions.append(fixed_versions) return advisories @@ -513,3 +444,78 @@ def to_version_ranges(self, versions_data, fixed_versions): ) return MavenVersionRange(constraints=constraints) + + +@dataclasses.dataclass(order=True) +class TomcatAdvisoryData: + fixed_versions: list + advisory_groups: list + + def to_dict(self): + advisory_groups_to_strings = [] + # Convert bs4 para to string. + for group in self.advisory_groups: + advisory_groups_to_strings.append([str(para) for para in group]) + return { + "fixed_versions": self.fixed_versions, + "advisory_groups": advisory_groups_to_strings, + } + + +def extract_advisories_from_page(apache_tomcat_advisory_html): + """ + Yield TomcatAdvisoryData from the HTML text ``apache_tomcat_advisory_html``. + """ + page_soup = BeautifulSoup(apache_tomcat_advisory_html, features="lxml") + # We're looking for headers -- one for each advisory -- like this: + #

2022-10-10 Fixed in Apache Tomcat 10.0.27

+ pageh3s = page_soup.find_all("h3") + fixed_version_headings = [ + heading for heading in pageh3s if "Fixed in Apache Tomcat" in heading.text + ] + + for fixed_version_heading in fixed_version_headings: + fixed_versions = [] + fixed_version = fixed_version_heading.text.split("Fixed in Apache Tomcat")[-1].strip() + if TRACE: + print("fixed_version = {}".format(fixed_version)) + + # We want to handle the occasional "and" in the fixed version headers, e.g., + #

5 September 2016 Fixed in Apache Tomcat 8.5.5 and 8.0.37

+ if " and " in fixed_version: + fixed_versions = fixed_version.split(" and ") + else: + fixed_versions.append(fixed_version) + + if TRACE: + print("fixed_versions = {}".format(fixed_versions)) + + # Each group of fixed-version-related data is contained in a div that immediately follows the h3 element, e.g., + #

8 November 2016 Fixed in Apache Tomcat 8.5.8

+ #
...
+ fixed_version_paras = fixed_version_heading.find_next_sibling() + + # See https://tomcat.apache.org/security-impact.html for scoring. + # Each advisory section starts with a

element, + # the text of which starts with, e.g., "Low:", so we look for these here, e.g., + #

Low: Apache Tomcat request smugglingCVE-2022-42252

+ severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + # A list of groups of paragraphs, each for a single Tomcat Advisory. + advisory_groups = [] + current_group = [] + for para in fixed_version_paras.find_all("p"): + if para.text.startswith(severities): + if current_group: + current_group = [] + else: + advisory_groups.append(current_group) + + current_group.append(para) + + else: + if current_group: + current_group.append(para) + else: + pass + + yield TomcatAdvisoryData(fixed_versions=fixed_versions, advisory_groups=advisory_groups) diff --git a/vulnerabilities/severity_systems.py b/vulnerabilities/severity_systems.py index 2bf27de98..de0d45f69 100644 --- a/vulnerabilities/severity_systems.py +++ b/vulnerabilities/severity_systems.py @@ -124,6 +124,27 @@ def compute(self, scoring_elements: str) -> str: name="Apache Httpd Severity", url="https://httpd.apache.org/security/impact_levels.html", ) +APACHE_HTTPD.choices = [ + "Critical", + "Important", + "Moderate", + "Low", +] + +# This is essentially identical to apache_http except for the addition of the "High" score, +# which seems to be used interchangeably for "Important". +APACHE_TOMCAT = ScoringSystem( + identifier="apache_tomcat", + name="Apache Tomcat Severity", + url="https://tomcat.apache.org/security-impact.html", +) +APACHE_TOMCAT.choices = [ + "Critical", + "High", + "Important", + "Moderate", + "Low", +] SCORING_SYSTEMS = { system.identifier: system @@ -137,5 +158,6 @@ def compute(self, scoring_elements: str) -> str: CVSS31_QUALITY, GENERIC, APACHE_HTTPD, + APACHE_TOMCAT, ) } diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 0957a6dff..938e7c66b 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -19,6 +19,7 @@ from vulnerabilities.importer import AdvisoryData from vulnerabilities.importer import Reference from vulnerabilities.importers.apache_tomcat import ApacheTomcatImporter +from vulnerabilities.importers.apache_tomcat import extract_advisories_from_page from vulnerabilities.package_managers import MavenVersionAPI from vulnerabilities.package_managers import PackageVersion from vulnerabilities.utils import AffectedPackage @@ -29,14 +30,226 @@ security_updates_home = "https://tomcat.apache.org/security" +def test_extract_advisories_from_page(): + page = """ +

6 April 2021 Fixed in Apache Tomcat 10.0.5

+ +

Important: Denial of Service + CVE-2021-30639

+ +

An error introduced as part of a change to improve error handling.

+ Applications that do not use non-blocking I/O are not exposed to this vulnerability. + +

This was fixed with commit + b59099e4.

+ +

This issue was reported publicly as 65203.

+ +

Affects: 10.0.3 to 10.0.4

+ +
+ """ + + expected = [ + { + "advisory_groups": [ + [ + "

Important: Denial of Service\n" + "CVE-2021-30639

', + "

An error introduced as part of a change to improve " "error handling.

", + "

This was fixed with commit\n" + " b59099e4.

', + "

This issue was reported publicly as 65203.

', + "

Affects: 10.0.3 to 10.0.4

", + ] + ], + "fixed_versions": ["10.0.5"], + }, + ] + results = extract_advisories_from_page(page) + results = [d.to_dict() for d in results] + assert results == expected + + +def test_extract_advisories_from_page_with_multiple_groups(): + page = """ +

2 February 2021 Fixed in Apache Tomcat 10.0.2

+ +

Note: The issues below were fixed in Apache Tomcat 10.0.1 but the + release vote for the 10.0.1 release candidate did not pass. Therefore, + although users must download 10.0.2 to obtain a version that includes a + fix for these issues, version 10.0.1 is not included in the list of + affected versions.

+ +

Low: Fix for CVE-2020-9484 was incomplete + CVE-2021-25329

+ +

The fix for CVE-2020-9484 was incomplete. When using a + highly unlikely configuration edge case, the Tomcat instance was still + vulnerable to CVE-2020-9484. Note that both the previously + published prerequisites for CVE-2020-9484 and the previously + published non-upgrade mitigations for CVE-2020-9484 also apply to + this issue.

+ +

This was fixed with commit + 6d66e99e.

+ +

This issue was reported to the Apache Tomcat Security team by Trung Pham + of Viettel Cyber Security on 12 January 2021. The issue was made public + on 1 March 2021.

+ +

Affects: 10.0.0-M1 to 10.0.0

+ +

Important: Request mix-up with h2c + CVE-2021-25122

+ +

When responding to new h2c connection requests, Apache Tomcat could + duplicate request headers and a limited amount of request body from one + request to another meaning user A and user B could both see the results of + user A's request.

+ +

This was fixed with commit + dd757c0a.

+ +

This issue was identified by the Apache Tomcat Security team on 11 + January 2021. The issue was made public on 1 March 2021.

+ +

Affects: 10.0.0-M1 to 10.0.0

+ +

17 November 2020 Fixed in Apache Tomcat 10.0.0-M10

+ +

Important: Information disclosure + CVE-2021-24122

+ +

When serving resources from a network location using the NTFS file system + it was possible to bypass security constraints and/or view the source + code for JSPs in some configurations. The root cause was the unexpected + behaviour of the JRE API File.getCanonicalPath() which in + turn was caused by the inconsistent behaviour of the Windows API + (FindFirstFileW) in some circumstances. +

+ +

This was fixed with commit + 7f004ac4.

+ +

This issue was reported the Apache Tomcat Security team by Ilja Brander + on 26 October 2020. The issue was made public on 14 January 2021.

+ +

Affects: 10.0.0-M1 to 10.0.0-M9

+ +

Moderate: HTTP/2 request header mix-up + CVE-2020-17527

+ +

While investigating issue 64830 it was discovered that Apache + Tomcat could re-use an HTTP request header value from the previous stream + received on an HTTP/2 connection for the request associated with the + subsequent stream. While this would most likely lead to an error and the + closure of the HTTP/2 connection, it is possible that information could + leak between requests. +

+ +

This was fixed with commit + 8d2fe689.

+ +

This issue was identified by the Apache Tomcat Security team on 10 + November 2020. The issue was made public on 3 December 2020.

+ +

Affects: 10.0.0-M1 to 10.0.0-M9

+ +
+ """ + + expected = [ + { + "advisory_groups": [ + [ + "

Low: Fix for CVE-2020-9484 was ' + "incomplete\n" + "CVE-2021-25329

', + "

The fix for CVE-2020-9484 was incomplete. When ' + "using a\n" + " highly unlikely configuration edge case, the " + "Tomcat instance was still\n" + " vulnerable to CVE-2020-9484. Note that both the ' + "previously\n" + " published prerequisites for CVE-2020-9484 and the previously\n' + " published non-upgrade mitigations for CVE-2020-9484 also apply to\n' + " this issue.

", + "

This was fixed with commit\n" + " 6d66e99e.

', + "

This issue was reported to the Apache Tomcat " + "Security team by Trung Pham\n" + " of Viettel Cyber Security on 12 January 2021. " + "The issue was made public\n" + " on 1 March 2021.

", + "

Affects: 10.0.0-M1 to 10.0.0

", + ] + ], + "fixed_versions": ["10.0.2"], + }, + { + "advisory_groups": [ + [ + "

Important: Information disclosure\n" + "CVE-2021-24122

', + "

When serving resources from a network location " + "using the NTFS file system\n" + " it was possible to bypass security constraints " + "and/or view the source\n" + " code for JSPs in some configurations. The root " + "cause was the unexpected\n" + " behaviour of the JRE API " + "File.getCanonicalPath() which in\n" + " turn was caused by the inconsistent behaviour " + "of the Windows API\n" + " (FindFirstFileW) in some " + "circumstances.\n" + "

", + "

This was fixed with commit\n" + " 7f004ac4.

', + "

This issue was reported the Apache Tomcat Security " + "team by Ilja Brander\n" + " on 26 October 2020. The issue was made public " + "on 14 January 2021.

", + "

Affects: 10.0.0-M1 to 10.0.0-M9

", + ] + ], + "fixed_versions": ["10.0.0-M10"], + }, + ] + results = extract_advisories_from_page(page) + results = [d.to_dict() for d in results] + assert results == expected + + # This test is temporary -- just for running apache_tomcat.py using all HTML report pages. # Will replace with a REGEN-based test as with apache_httpd and postgresql. def test_updated_advisories(): - returned_advisories = ApacheTomcatImporter().updated_advisories() + returned_advisories = ApacheTomcatImporter().advisory_data() def test_fetch_links(): - retrieved_links = ApacheTomcatImporter().fetch_links(security_updates_home) + retrieved_links = ApacheTomcatImporter().fetch_advisory_links(security_updates_home) assert retrieved_links == [ "https://tomcat.apache.org/security-10.html", From 56a3ad7ede9509e7ffb556705d3ea08408fa5246 Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Thu, 29 Dec 2022 13:15:59 -0800 Subject: [PATCH 03/15] Update tests for new extract_advisories_from_page() #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 34 ++++++------ vulnerabilities/tests/test_apache_tomcat.py | 57 ++++++++++++++++++++- 2 files changed, 74 insertions(+), 17 deletions(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index abc63ec84..76a4a2396 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -25,7 +25,7 @@ from vulnerabilities.importer import VulnerabilitySeverity from vulnerabilities.severity_systems import APACHE_TOMCAT -TRACE = True +TRACE = False class ApacheTomcatImporter(Importer): @@ -89,7 +89,6 @@ def debug_advisory_data(self, advisories): adv_dict = adv.to_dict() temp_advisory_to_dict_list.append(adv_dict) - # TODO: 2022-12-26 Monday 16:17:38. With my new ("better") approach, throws error: TypeError: Object of type Tag is not JSON serializable with open( "apache_tomcat_advisories_to_dict-02.json", "w", @@ -133,6 +132,8 @@ def debug_advisory_data(self, advisories): for line in self.record_of_all_affected_version_strings: f.write(f"{line}\n") + # 2022-12-29 Thursday 13:11:16. We're in the process of refactoring this method. + # See, e.g., function with the same name at the bottom of this file. def extract_advisories_from_page(self, apache_tomcat_advisory_html): """ Return a list of AdvisoryData extracted from the HTML text ``apache_tomcat_advisory_html``. @@ -389,8 +390,6 @@ def to_version_ranges(self, versions_data, fixed_versions): ) elif "-" in version_item: - # elif "-" in version_item and not any([i.isalpha() for i in version_item]): - # version_item_split = version_item.split(" ") version_item_split = version_item.split("-") constraints.append( @@ -479,6 +478,7 @@ def extract_advisories_from_page(apache_tomcat_advisory_html): fixed_version = fixed_version_heading.text.split("Fixed in Apache Tomcat")[-1].strip() if TRACE: print("fixed_version = {}".format(fixed_version)) + print("===========================") # We want to handle the occasional "and" in the fixed version headers, e.g., #

5 September 2016 Fixed in Apache Tomcat 8.5.5 and 8.0.37

@@ -489,6 +489,7 @@ def extract_advisories_from_page(apache_tomcat_advisory_html): if TRACE: print("fixed_versions = {}".format(fixed_versions)) + print("===========================") # Each group of fixed-version-related data is contained in a div that immediately follows the h3 element, e.g., #

8 November 2016 Fixed in Apache Tomcat 8.5.8

@@ -502,20 +503,23 @@ def extract_advisories_from_page(apache_tomcat_advisory_html): severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") # A list of groups of paragraphs, each for a single Tomcat Advisory. advisory_groups = [] - current_group = [] + for para in fixed_version_paras.find_all("p"): + current_group = [] if para.text.startswith(severities): - if current_group: - current_group = [] - else: - advisory_groups.append(current_group) - current_group.append(para) - else: - if current_group: - current_group.append(para) - else: - pass + test_nextSiblings = para.find_next_siblings() + for next_sibling in test_nextSiblings: + if not next_sibling.text.startswith(severities): + current_group.append(next_sibling) + elif next_sibling.text.startswith(severities): + break + + advisory_groups.append(current_group) + + if TRACE: + print("\ncurrent_group = {}\n".format(current_group)) + print("\nadvisory_groups = {}\n".format(advisory_groups)) yield TomcatAdvisoryData(fixed_versions=fixed_versions, advisory_groups=advisory_groups) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 938e7c66b..b43227418 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -59,6 +59,8 @@ def test_extract_advisories_from_page(): 'href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639" ' 'rel="nofollow">CVE-2021-30639

', "

An error introduced as part of a change to improve " "error handling.

", + "Applications that do not use non-blocking I/O are " + "not exposed to this vulnerability.", "

This was fixed with commit\n" " b59099e4.

', @@ -200,7 +202,29 @@ def test_extract_advisories_from_page_with_multiple_groups(): "The issue was made public\n" " on 1 March 2021.

", "

Affects: 10.0.0-M1 to 10.0.0

", - ] + ], + [ + "

Important: Request mix-up with " + "h2c\n" + "CVE-2021-25122

', + "

When responding to new h2c connection requests, " + "Apache Tomcat could\n" + " duplicate request headers and a limited amount of " + "request body from one\n" + " request to another meaning user A and user B could " + "both see the results of\n" + " user A's request.

", + "

This was fixed with commit\n" + " dd757c0a.

', + "

This issue was identified by the Apache Tomcat " + "Security team on 11\n" + " January 2021. The issue was made public on 1 " + "March 2021.

", + "

Affects: 10.0.0-M1 to 10.0.0

", + ], ], "fixed_versions": ["10.0.2"], }, @@ -232,11 +256,40 @@ def test_extract_advisories_from_page_with_multiple_groups(): " on 26 October 2020. The issue was made public " "on 14 January 2021.

", "

Affects: 10.0.0-M1 to 10.0.0-M9

", - ] + ], + [ + "

Moderate: HTTP/2 request header " + "mix-up\n" + "CVE-2020-17527

', + "

While investigating issue 64830 ' + "it was discovered that Apache\n" + " Tomcat could re-use an HTTP request header " + "value from the previous stream\n" + " received on an HTTP/2 connection for the " + "request associated with the\n" + " subsequent stream. While this would most likely " + "lead to an error and the\n" + " closure of the HTTP/2 connection, it is " + "possible that information could\n" + " leak between requests.\n" + "

", + "

This was fixed with commit\n" + " 8d2fe689.

', + "

This issue was identified by the Apache Tomcat " + "Security team on 10\n" + " November 2020. The issue was made public on 3 " + "December 2020.

", + "

Affects: 10.0.0-M1 to 10.0.0-M9

", + ], ], "fixed_versions": ["10.0.0-M10"], }, ] + results = extract_advisories_from_page(page) results = [d.to_dict() for d in results] assert results == expected From 42561b867dd2578144c953244babff10b359a82e Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Mon, 2 Jan 2023 16:41:53 -0800 Subject: [PATCH 04/15] Begin apache_tomcat.py refactoring #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 863 ++++++++++++------ vulnerabilities/tests/test_apache_tomcat.py | 27 +- .../apache_tomcat_cve-2020-9484.html | 248 +++++ 3 files changed, 830 insertions(+), 308 deletions(-) create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 76a4a2396..3f35a4321 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -138,311 +138,123 @@ def extract_advisories_from_page(self, apache_tomcat_advisory_html): """ Return a list of AdvisoryData extracted from the HTML text ``apache_tomcat_advisory_html``. """ - page_soup = BeautifulSoup(apache_tomcat_advisory_html, features="lxml") - # We're looking for headers -- one for each advisory -- like this: - #

2022-10-10 Fixed in Apache Tomcat 10.0.27

- pageh3s = page_soup.find_all("h3") - fixed_version_headings = [ - heading for heading in pageh3s if "Fixed in Apache Tomcat" in heading.text - ] - advisories = [] - for fixed_version_heading in fixed_version_headings: - fixed_versions = [] - fixed_version = fixed_version_heading.text.split("Fixed in Apache Tomcat")[-1].strip() - if TRACE: - print("fixed_version = {}".format(fixed_version)) - - # We want to handle the occasional "and" in the fixed version headers, e.g., - #

5 September 2016 Fixed in Apache Tomcat 8.5.5 and 8.0.37

- if " and " in fixed_version: - fixed_versions = fixed_version.split(" and ") - else: - fixed_versions.append(fixed_version) - - if TRACE: - print("fixed_versions = {}".format(fixed_versions)) - - # Each group of fixed-version-related data is contained in a div that immediately follows the h3 element, e.g., - #

8 November 2016 Fixed in Apache Tomcat 8.5.8

- #
...
- fixed_version_paras = fixed_version_heading.find_next_sibling() - - # See https://tomcat.apache.org/security-impact.html for scoring. - # Each advisory section starts with a

element, - # the text of which starts with, e.g., "Low:", so we look for these here, e.g., - #

Low: Apache Tomcat request smugglingCVE-2022-42252

- severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") - # A list of groups of paragraphs, each for a single Tomcat Advisory. - advisory_groups = [] - current_group = [] - for para in fixed_version_paras.find_all("p"): - if para.text.startswith(severities): - if current_group: - current_group = [] - else: - advisory_groups.append(current_group) - - current_group.append(para) - - else: - if current_group: - current_group.append(para) - else: - pass - - severity_score = para.text.split(" ")[0] - severity_score = severity_score.split(":")[0] - print("\nseverity_score = {}\n".format(severity_score)) - print("===") - - better_cve_url_list = para.find_all("a") - print("better_cve_url_list = {}\n".format(better_cve_url_list)) - - better_cve_id_list = [cve_text.text for cve_text in better_cve_url_list] - print("better_cve_id_list = {}\n".format(better_cve_id_list)) - - for better_cve_url in para.find_all("a"): - print("better_cve_url = {}\n".format(better_cve_url)) - print("better_cve_url.text = {}".format(better_cve_url.text)) - - better_nextSiblings = para.find_next_siblings() - - print("===") - - section_parent = para.find_parent() - - cve_url_list = section_parent.find_all("a") - print("cve_url_list = {}\n".format(cve_url_list)) - - cve_id_list = [cve_text.text for cve_text in cve_url_list] - print("cve_id_list = {}\n".format(cve_id_list)) - - for cve_url in section_parent.find_all("a"): - print("cve_url = {}\n".format(cve_url)) - print("cve_url.text = {}".format(cve_url.text)) - - nextSiblings = section_parent.find_next_siblings() - - print("===") - - fixed_commit_list = [] - affected_versions = [] - - for sib in better_nextSiblings: - if "was fixed in" in sib.text or "was fixed with" in sib.text: - print("\nnext sib (was fixed) = {}".format(sib)) - fixed_commit_list = sib.find_all("a") - print("\nfixed_commit_list = {}".format(fixed_commit_list)) - - elif "Affects" in sib.text: - print("\nnext sib (affects) = {}\n".format(sib)) - - # 2022-12-27 Tuesday 18:47:28. We need the list of `sib` elements to examine -- and test -- the raw HTML. - self.record_of_all_affects_elements.append(sib) - - # 2022-12-27 Tuesday 14:47:51. We'll examine the affects_string and try to find and remove unwanted alpha and related characters/strings. - # === - # This version is before stripping/replacing etc. - affects_string = sib.text.split("Affects:")[-1].strip() - print("affects_string = {}\n".format(affects_string)) - self.record_of_all_affects_strings.append(affects_string) - - affected_versions = affects_string.split(", ") - print("> affected_versions = {}\n".format(affected_versions)) - self.record_of_all_affected_version_strings.append(affected_versions) - # === - # This version is with most but not all of the stripping/replacing. - # affects_string = sib.text.split("Affects:")[-1].strip() - # affects_string = affects_string.replace("\n", "") - # affects_string = " ".join(affects_string.split()) - # affects_string_no_parens = re.sub(r" ?\([^)]+\)", "", affects_string) - # # print("affects_string = {}\n".format(affects_string)) - # # self.record_of_all_affects_strings.append(affects_string) - # print( - # "affects_string_no_parens = {}\n".format(affects_string_no_parens) - # ) - # self.record_of_all_affects_strings.append(affects_string_no_parens) - - # # affected_versions = affects_string.split(", ") - # affected_versions = affects_string_no_parens.split(", ") - # print("> affected_versions = {}\n".format(affected_versions)) - # self.record_of_all_affected_version_strings.append(affected_versions) - # === - - elif sib.find_all( - "strong", - text=lambda text: text and text.startswith(tuple(severities)), - ): - break - - # Starting to flesh out this new approach. - # for cve_id_record in cve_id_list: - # test_advisory_dict["fixed_versions"] = fixed_versions - # test_advisory_dict["aliases"] = [cve_id_record] - - temp_dict_list = [] - - print("\n1. affected_versions = {}\n".format(affected_versions)) - - for better_cve_id_record in better_cve_id_list: - # 2022-12-26 Monday 14:41:11. This is where `test_advisory_dict = {}` belongs! Now we have data for the double-CVEs! - test_advisory_dict = {} - test_advisory_dict["fixed_versions"] = fixed_versions - test_advisory_dict["aliases"] = [better_cve_id_record] - - self.updated_temp_advisory_dict_list.append(test_advisory_dict) - - print( - "==========================> better_cve_id_record = {}".format( - better_cve_id_record - ) - ) - - temp_dict_list.append(test_advisory_dict) - - # TODO: 2022-12-26 Monday 14:55:49. Is this where we build the "better" AdvisoryData() objects? - better_severities = [] - better_severities.append( - VulnerabilitySeverity( - system=APACHE_TOMCAT, - value=severity_score, - scoring_elements="", - ) - ) - - print("\n2. affected_versions = {}\n".format(affected_versions)) - - affected_version_range = self.to_version_ranges( - # versions_data, fixed_versions - affected_versions, - # TODO: 2022-12-26 Monday 16:01:08. fix this! - # ["1.1"], - # ["8.5.0 to 8.5.4", " 8.0.0.RC1 to 8.0.36"], - # ["3.0", " 3.1-3.1.1", " 3.2-3.2.1"], - # TODO: 2022-12-26 Monday 17:56:04. This identified the problem -- a space at the start of the 2nd range! - # ["8.5.0 to 8.5.4", "8.0.0.RC1 to 8.0.36"], - fixed_versions, - ) - references = [ - Reference( - # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", - url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", - # reference_id=cve_id, - reference_id=better_cve_id_record, - # severities=severities, - severities=better_severities, - ), - ] - - # for commit_url in fixed_in_commits: - for commit_url in fixed_commit_list: - # references.append(Reference(url=commit_url)) - # TODO: 2022-12-26 Monday 17:23:38. Does this fix the error TypeError: Object of type Tag is not JSON serializable? Yes. - references.append(Reference(url=commit_url["href"])) - - # 2022-12-26 Monday 15:37:02. Does this belong here? - affected_packages = [] - - affected_packages.append( - AffectedPackage( - package=PackageURL( - type="maven", - namespace="apache", - name="tomcat", - ), - affected_version_range=affected_version_range, - ) - ) - - advisories.append( - AdvisoryData( - aliases=[better_cve_id_record], - summary="", - affected_packages=affected_packages, - references=references, - ) - ) - - self.temp_list_of_fixed_versions.append(fixed_versions) + # TODO: 2022-12-29 Thursday 13:52:36. Replace relevant code block below with with call to new independent function. + # TODO: Then: create a function that receives a single TomcatAdvisoryData object and yields one or more AdvisoryData objects. + + # fixed_versions, advisory_groups = extract_advisories_from_page(apache_tomcat_advisory_html) + # print("\nfixed_versions = {}\n".format(fixed_versions)) + # print("\nadvisory_groups = {}\n".format(advisory_groups)) + + test_output = extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html) + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # print( + # "\n\n-------------------------------------------------------------------------------------------" + # ) + # print("test_output = {}".format(test_output)) + # print( + # "-------------------------------------------------------------------------------------------" + # ) + + for adv in test_output: + print("\n==================================================\n") + + print("Fixed-version advisory") + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # print("\nadv = {}\n".format(adv)) + advisory_data_object = generate_advisory_data_objects(adv) + # print("\nadvisory_data_object = {}\n".format(advisory_data_object)) + for gen in advisory_data_object: + print("\ngen = {}\n".format(gen)) + # XXX: 2023-01-02 Monday 15:18:53. Now that we're writing `real` code this doesn't + # work because `gen` is now an AdvisoryData() object, not a hand-crafted dict. + # print(json.dumps(gen, indent=4, sort_keys=False)) + advisories.append(advisory_data_object) + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # for test_advisory in advisories: + # print("\ntest_advisory = {}\n".format(test_advisory)) + + print("\nadvisories = {}\n".format(advisories)) return advisories - def to_version_ranges(self, versions_data, fixed_versions): - constraints = [] - - for version_item in versions_data: - if "to" in version_item: - version_item_split = version_item.split(" ") - - constraints.append( - VersionConstraint( - comparator=">=", - version=MavenVersion(version_item_split[0]), - ) - ) - constraints.append( - VersionConstraint( - comparator="<=", - version=MavenVersion(version_item_split[-1]), - ) - ) - - elif "-" in version_item: - version_item_split = version_item.split("-") - - constraints.append( - VersionConstraint( - comparator=">=", - version=MavenVersion(version_item_split[0]), - ) - ) - constraints.append( - VersionConstraint( - comparator="<=", - version=MavenVersion(version_item_split[-1]), - ) - ) - - else: - version_item_split = version_item.split(" ") - - constraints.append( - VersionConstraint( - comparator="=", - version=MavenVersion(version_item_split[0]), - ) - ) - - for fixed_item in fixed_versions: - if "-" in fixed_item and not any([i.isalpha() for i in fixed_item]): - fixed_item_split = fixed_item.split(" ") - - constraints.append( - VersionConstraint( - comparator=">=", - version=MavenVersion(fixed_item_split[0]), - ).invert() - ) - constraints.append( - VersionConstraint( - comparator="<=", - version=MavenVersion(fixed_item_split[-1]), - ).invert() - ) - - else: - fixed_item_split = fixed_item.split(" ") - - constraints.append( - VersionConstraint( - comparator="=", - version=MavenVersion(fixed_item_split[0]), - ).invert() - ) - - return MavenVersionRange(constraints=constraints) + # XXX: 2023-01-02 Monday 14:48:57. We need to convert this from class method to + # independent function because it's now called by another independent function and thus has no `self`. + # def to_version_ranges(self, versions_data, fixed_versions): + # constraints = [] + + # for version_item in versions_data: + # if "to" in version_item: + # version_item_split = version_item.split(" ") + + # constraints.append( + # VersionConstraint( + # comparator=">=", + # version=MavenVersion(version_item_split[0]), + # ) + # ) + # constraints.append( + # VersionConstraint( + # comparator="<=", + # version=MavenVersion(version_item_split[-1]), + # ) + # ) + + # elif "-" in version_item: + # version_item_split = version_item.split("-") + + # constraints.append( + # VersionConstraint( + # comparator=">=", + # version=MavenVersion(version_item_split[0]), + # ) + # ) + # constraints.append( + # VersionConstraint( + # comparator="<=", + # version=MavenVersion(version_item_split[-1]), + # ) + # ) + + # else: + # version_item_split = version_item.split(" ") + + # constraints.append( + # VersionConstraint( + # comparator="=", + # version=MavenVersion(version_item_split[0]), + # ) + # ) + + # for fixed_item in fixed_versions: + # if "-" in fixed_item and not any([i.isalpha() for i in fixed_item]): + # fixed_item_split = fixed_item.split(" ") + + # constraints.append( + # VersionConstraint( + # comparator=">=", + # version=MavenVersion(fixed_item_split[0]), + # ).invert() + # ) + # constraints.append( + # VersionConstraint( + # comparator="<=", + # version=MavenVersion(fixed_item_split[-1]), + # ).invert() + # ) + + # else: + # fixed_item_split = fixed_item.split(" ") + + # constraints.append( + # VersionConstraint( + # comparator="=", + # version=MavenVersion(fixed_item_split[0]), + # ).invert() + # ) + + # return MavenVersionRange(constraints=constraints) @dataclasses.dataclass(order=True) @@ -461,7 +273,7 @@ def to_dict(self): } -def extract_advisories_from_page(apache_tomcat_advisory_html): +def extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html): """ Yield TomcatAdvisoryData from the HTML text ``apache_tomcat_advisory_html``. """ @@ -509,6 +321,7 @@ def extract_advisories_from_page(apache_tomcat_advisory_html): if para.text.startswith(severities): current_group.append(para) + # TODO: 2023-01-02 Monday 11:47:58. Rename this `nextSiblings`. test_nextSiblings = para.find_next_siblings() for next_sibling in test_nextSiblings: if not next_sibling.text.startswith(severities): @@ -523,3 +336,451 @@ def extract_advisories_from_page(apache_tomcat_advisory_html): print("\nadvisory_groups = {}\n".format(advisory_groups)) yield TomcatAdvisoryData(fixed_versions=fixed_versions, advisory_groups=advisory_groups) + + +def generate_advisory_data_objects(tomcat_advisory_data_object): + + fixed_versions = tomcat_advisory_data_object.fixed_versions + + len_advisory_groups = len(tomcat_advisory_data_object.advisory_groups) + print("\nlen_advisory_groups = {}\n".format(len_advisory_groups)) + + # aliases = [] + + # vuln_p_list = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + + for para_list in tomcat_advisory_data_object.advisory_groups: + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # print("type(para_list) = {}".format(type(para_list))) + # print("\npara_list = {}\n".format(para_list)) + affected_versions = [] + fixed_commit_list = [] + references = [] + cve_url_list = [] + for para in para_list: + + if para.text.startswith("Affects:"): + print("\npara startswith Affects: = {}\n".format(para)) + print(">>> {}".format(para.text.split(":")[-1])) + # This will need detailed cleaning: + affected_versions.append(para.text.split(":")[-1]) + elif "was fixed in" in para.text or "was fixed with" in para.text: + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # print("\nnext sib (was fixed) = {}".format(para)) + fixed_commit_list = para.find_all("a") + print("\nfixed_commit_list = {}".format(fixed_commit_list)) + + # print("\n!!!!!!!!! fixed_commit_list = {}\n".format(fixed_commit_list)) + references.extend([ref_url["href"] for ref_url in fixed_commit_list]) + elif para.text.startswith(severities): + # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging + # print("\n==> para_severity_row = {}\n".format(para)) + cve_url_list = para.find_all("a") + print("\n==> cve_url_list = {}\n".format(cve_url_list)) + cve_list = [cve_url.text for cve_url in cve_url_list] + print("\n==> cve_list = {}\n".format(cve_list)) + + severity_score = para.text.split(":")[0] + + for cve_url in cve_url_list: + aliases = [] + aliases.append(cve_url.text) + + # XXX: 2023-01-02 Monday 13:53:38. This simple dict output can be replaced by the creation of the AdvisoryData() object. + # ===================================================== + + # test_dict = { + # "aliases": aliases, + # "fixed_versions": fixed_versions, + # "affected_versions": affected_versions, + # "references": references, + # "severity_score": severity_score, + # } + + # yield test_dict + + # XXX: 2023-01-02 Monday 14:28:39. This is meant to be the `real` code. + # ===================================================== + better_severities = [] + better_severities.append( + VulnerabilitySeverity( + system=APACHE_TOMCAT, + value=severity_score, + scoring_elements="", + ) + ) + + print("\naffected_versions = {}\n".format(affected_versions)) + + # XXX: 2023-01-02 Monday 15:02:15. We need to clean up the affected version data + # with a combination of RegEx, replace(), join()/split() and split(). + + # XXX: 2023-01-02 Monday 14:46:15. Remove `self.` + # affected_version_range = self.to_version_ranges( + affected_version_range = to_version_ranges( + # versions_data, fixed_versions + affected_versions, + # TODO: 2022-12-26 Monday 16:01:08. fix this! + # ["1.1"], + # ["8.5.0 to 8.5.4", " 8.0.0.RC1 to 8.0.36"], + # ["3.0", " 3.1-3.1.1", " 3.2-3.2.1"], + # TODO: 2022-12-26 Monday 17:56:04. This identified the problem -- a space at the start of the 2nd range! + # ["8.5.0 to 8.5.4", "8.0.0.RC1 to 8.0.36"], + fixed_versions, + ) + references = [ + Reference( + # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", + # XXX: 2023-01-02 Monday 14:56:33. We want to use cve_url in this current loop. + # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", + url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_url}", + # reference_id=cve_id, + # reference_id=better_cve_id_record, + reference_id=cve_url, + # severities=severities, + severities=better_severities, + ), + ] + + # for commit_url in fixed_in_commits: + for commit_url in fixed_commit_list: + # references.append(Reference(url=commit_url)) + # TODO: 2022-12-26 Monday 17:23:38. Does this fix the error TypeError: Object of type Tag is not JSON serializable? Yes. + references.append(Reference(url=commit_url["href"])) + + # 2022-12-26 Monday 15:37:02. Does this belong here? + affected_packages = [] + + affected_packages.append( + AffectedPackage( + package=PackageURL( + type="maven", + namespace="apache", + name="tomcat", + ), + affected_version_range=affected_version_range, + ) + ) + + # advisories.append( + # AdvisoryData( + # aliases=[better_cve_id_record], + # summary="", + # affected_packages=affected_packages, + # references=references, + # ) + # ) + + # self.temp_list_of_fixed_versions.append(fixed_versions) + + yield AdvisoryData( + aliases=aliases, + summary="", + affected_packages=affected_packages, + references=references, + ) + + +# XXX: 2023-01-02 Monday 14:52:31. This is converted from a method function because it's +# now called by another independent function and thus has no `self`. +def to_version_ranges(versions_data, fixed_versions): + constraints = [] + + for version_item in versions_data: + # XXX: 2023-01-02 Monday 15:12:36. Clean affected version data here or above + # in generate_advisory_data_objects()? Try here. + version_item = version_item.strip() + if "to" in version_item: + version_item_split = version_item.split(" ") + + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(version_item_split[0]), + ) + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(version_item_split[-1]), + ) + ) + + elif "-" in version_item: + version_item_split = version_item.split("-") + + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(version_item_split[0]), + ) + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(version_item_split[-1]), + ) + ) + + else: + version_item_split = version_item.split(" ") + + constraints.append( + VersionConstraint( + comparator="=", + version=MavenVersion(version_item_split[0]), + ) + ) + + # XXX: 2023-01-02 Monday 14:58:47. Need to check whether the inverted value is + # already in the `constraints` list. + for fixed_item in fixed_versions: + if "-" in fixed_item and not any([i.isalpha() for i in fixed_item]): + fixed_item_split = fixed_item.split(" ") + + constraints.append( + VersionConstraint( + comparator=">=", + version=MavenVersion(fixed_item_split[0]), + ).invert() + ) + constraints.append( + VersionConstraint( + comparator="<=", + version=MavenVersion(fixed_item_split[-1]), + ).invert() + ) + + else: + fixed_item_split = fixed_item.split(" ") + + constraints.append( + VersionConstraint( + comparator="=", + version=MavenVersion(fixed_item_split[0]), + ).invert() + ) + + return MavenVersionRange(constraints=constraints) + + # ===================================================== + + # for para in para_list: + # print("type(para) = {}".format(type(para))) + # cve_p = para.find( + # "strong", + # # text=lambda text: text and text.startswith(tuple(vuln_p_list)), + # text=lambda text: text and text.startswith(severities), + # ) + # # 2022-12-31 Saturday 20:16:51. Seems this is False for the missing pair of CVEs? + # if cve_p: + # cve_p_parent = cve_p.find_parent() + # print("\ncve_p = {}\n".format(cve_p)) + # print("\ncve_p_parent = {}\n".format(cve_p_parent)) + + # # TODO: 2022-12-31 Saturday 18:58:00. Why does this omit the 1st pair, CVE-2020-9484 and CVE-2021-25329? + # # Seems cve_p_parent (just above) is also omitted for that data? + # cve_url_list = cve_p_parent.find_all("a") + # print("cve_url_list = {}\n".format(cve_url_list)) + + # cve_id_list = [cve_text.text for cve_text in cve_url_list] + # print("cve_id_list = {}\n".format(cve_id_list)) + + # for cve_id in cve_id_list: + + # test_dict = { + # "aliases": [cve_id], + # "fixed_version": fixed_version, + # "affected_versions": [], + # } + + # yield test_dict + + # else: + # print("\n\nALERT! This para failed the `if_cve_p` test: {} \n\n".format(para)) + + +# ======================================================== +# severity_score = para.text.split(" ")[0] +# severity_score = severity_score.split(":")[0] +# print("\nseverity_score = {}\n".format(severity_score)) + +# print("===") + +# better_cve_url_list = para.find_all("a") +# print("better_cve_url_list = {}\n".format(better_cve_url_list)) + +# better_cve_id_list = [cve_text.text for cve_text in better_cve_url_list] +# print("better_cve_id_list = {}\n".format(better_cve_id_list)) + +# for better_cve_url in para.find_all("a"): +# print("better_cve_url = {}\n".format(better_cve_url)) +# print("better_cve_url.text = {}".format(better_cve_url.text)) + +# better_nextSiblings = para.find_next_siblings() + +# print("===") + +# section_parent = para.find_parent() + +# cve_url_list = section_parent.find_all("a") +# print("cve_url_list = {}\n".format(cve_url_list)) + +# cve_id_list = [cve_text.text for cve_text in cve_url_list] +# print("cve_id_list = {}\n".format(cve_id_list)) + +# for cve_url in section_parent.find_all("a"): +# print("cve_url = {}\n".format(cve_url)) +# print("cve_url.text = {}".format(cve_url.text)) + +# nextSiblings = section_parent.find_next_siblings() + +# print("===") + +# fixed_commit_list = [] +# affected_versions = [] + +# for sib in better_nextSiblings: +# if "was fixed in" in sib.text or "was fixed with" in sib.text: +# print("\nnext sib (was fixed) = {}".format(sib)) +# fixed_commit_list = sib.find_all("a") +# print("\nfixed_commit_list = {}".format(fixed_commit_list)) + +# elif "Affects" in sib.text: +# print("\nnext sib (affects) = {}\n".format(sib)) + +# # 2022-12-27 Tuesday 18:47:28. We need the list of `sib` elements to examine -- and test -- the raw HTML. +# self.record_of_all_affects_elements.append(sib) + +# # 2022-12-27 Tuesday 14:47:51. We'll examine the affects_string and try to find and remove unwanted alpha and related characters/strings. +# # === +# # This version is before stripping/replacing etc. +# affects_string = sib.text.split("Affects:")[-1].strip() +# print("affects_string = {}\n".format(affects_string)) +# self.record_of_all_affects_strings.append(affects_string) + +# affected_versions = affects_string.split(", ") +# print("> affected_versions = {}\n".format(affected_versions)) +# self.record_of_all_affected_version_strings.append(affected_versions) +# # === +# # This version is with most but not all of the stripping/replacing. +# # affects_string = sib.text.split("Affects:")[-1].strip() +# # affects_string = affects_string.replace("\n", "") +# # affects_string = " ".join(affects_string.split()) +# # affects_string_no_parens = re.sub(r" ?\([^)]+\)", "", affects_string) +# # # print("affects_string = {}\n".format(affects_string)) +# # # self.record_of_all_affects_strings.append(affects_string) +# # print( +# # "affects_string_no_parens = {}\n".format(affects_string_no_parens) +# # ) +# # self.record_of_all_affects_strings.append(affects_string_no_parens) + +# # # affected_versions = affects_string.split(", ") +# # affected_versions = affects_string_no_parens.split(", ") +# # print("> affected_versions = {}\n".format(affected_versions)) +# # self.record_of_all_affected_version_strings.append(affected_versions) +# # === + +# elif sib.find_all( +# "strong", +# text=lambda text: text and text.startswith(tuple(severities)), +# ): +# break + +# # Starting to flesh out this new approach. +# # for cve_id_record in cve_id_list: +# # test_advisory_dict["fixed_versions"] = fixed_versions +# # test_advisory_dict["aliases"] = [cve_id_record] + +# temp_dict_list = [] + +# print("\n1. affected_versions = {}\n".format(affected_versions)) + +# for better_cve_id_record in better_cve_id_list: +# # 2022-12-26 Monday 14:41:11. This is where `test_advisory_dict = {}` belongs! Now we have data for the double-CVEs! +# test_advisory_dict = {} +# test_advisory_dict["fixed_versions"] = fixed_versions +# test_advisory_dict["aliases"] = [better_cve_id_record] + +# self.updated_temp_advisory_dict_list.append(test_advisory_dict) + +# print( +# "==========================> better_cve_id_record = {}".format( +# better_cve_id_record +# ) +# ) + +# temp_dict_list.append(test_advisory_dict) + +# # TODO: 2022-12-26 Monday 14:55:49. Is this where we build the "better" AdvisoryData() objects? +# better_severities = [] +# better_severities.append( +# VulnerabilitySeverity( +# system=APACHE_TOMCAT, +# value=severity_score, +# scoring_elements="", +# ) +# ) + +# print("\n2. affected_versions = {}\n".format(affected_versions)) + +# affected_version_range = self.to_version_ranges( +# # versions_data, fixed_versions +# affected_versions, +# # TODO: 2022-12-26 Monday 16:01:08. fix this! +# # ["1.1"], +# # ["8.5.0 to 8.5.4", " 8.0.0.RC1 to 8.0.36"], +# # ["3.0", " 3.1-3.1.1", " 3.2-3.2.1"], +# # TODO: 2022-12-26 Monday 17:56:04. This identified the problem -- a space at the start of the 2nd range! +# # ["8.5.0 to 8.5.4", "8.0.0.RC1 to 8.0.36"], +# fixed_versions, +# ) +# references = [ +# Reference( +# # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", +# url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", +# # reference_id=cve_id, +# reference_id=better_cve_id_record, +# # severities=severities, +# severities=better_severities, +# ), +# ] + +# # for commit_url in fixed_in_commits: +# for commit_url in fixed_commit_list: +# # references.append(Reference(url=commit_url)) +# # TODO: 2022-12-26 Monday 17:23:38. Does this fix the error TypeError: Object of type Tag is not JSON serializable? Yes. +# references.append(Reference(url=commit_url["href"])) + +# # 2022-12-26 Monday 15:37:02. Does this belong here? +# affected_packages = [] + +# affected_packages.append( +# AffectedPackage( +# package=PackageURL( +# type="maven", +# namespace="apache", +# name="tomcat", +# ), +# affected_version_range=affected_version_range, +# ) +# ) + +# advisories.append( +# AdvisoryData( +# aliases=[better_cve_id_record], +# summary="", +# affected_packages=affected_packages, +# references=references, +# ) +# ) + +# self.temp_list_of_fixed_versions.append(fixed_versions) + +# yield AdvisoryData( +# aliases=aliases, +# summary="", +# affected_packages=affected_packages, +# references=references, +# ) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index b43227418..493f077a7 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -19,7 +19,8 @@ from vulnerabilities.importer import AdvisoryData from vulnerabilities.importer import Reference from vulnerabilities.importers.apache_tomcat import ApacheTomcatImporter -from vulnerabilities.importers.apache_tomcat import extract_advisories_from_page +from vulnerabilities.importers.apache_tomcat import extract_tomcat_advisory_data_from_page +from vulnerabilities.importers.apache_tomcat import to_version_ranges from vulnerabilities.package_managers import MavenVersionAPI from vulnerabilities.package_managers import PackageVersion from vulnerabilities.utils import AffectedPackage @@ -30,6 +31,13 @@ security_updates_home = "https://tomcat.apache.org/security" +# Temp test to flesh out `extract_advisories_from_page()` -- the method . +def test_method_extract_advisories_from_page(): + with open(os.path.join(TEST_DATA, "apache_tomcat_cve-2020-9484.html")) as f: + raw_data = f.read() + extracted_advisories = ApacheTomcatImporter().extract_advisories_from_page(raw_data) + + def test_extract_advisories_from_page(): page = """

6 April 2021 Fixed in Apache Tomcat 10.0.5

@@ -72,7 +80,7 @@ def test_extract_advisories_from_page(): "fixed_versions": ["10.0.5"], }, ] - results = extract_advisories_from_page(page) + results = extract_tomcat_advisory_data_from_page(page) results = [d.to_dict() for d in results] assert results == expected @@ -290,14 +298,15 @@ def test_extract_advisories_from_page_with_multiple_groups(): }, ] - results = extract_advisories_from_page(page) + results = extract_tomcat_advisory_data_from_page(page) results = [d.to_dict() for d in results] assert results == expected # This test is temporary -- just for running apache_tomcat.py using all HTML report pages. # Will replace with a REGEN-based test as with apache_httpd and postgresql. -def test_updated_advisories(): +# Formely named `test_updated_advisories` before method was renamed `advisory_data()` +def test_advisory_data(): returned_advisories = ApacheTomcatImporter().advisory_data() @@ -345,9 +354,13 @@ def test_to_version_ranges_test(): ) ) - converted_versions_data = ApacheTomcatImporter().to_version_ranges( - versions_data, fixed_versions - ) + # XXX: 2023-01-02 Monday 16:27:37. Error: AttributeError: 'ApacheTomcatImporter' object has no attribute 'to_version_ranges' + # That's because I converted a method function to an independent function. + # converted_versions_data = ApacheTomcatImporter().to_version_ranges( + # versions_data, fixed_versions + # ) + # Try this instead. It works! + converted_versions_data = to_version_ranges(versions_data, fixed_versions) # print("\nvers_test = {}\n".format(MavenVersionRange.from_string("vers:maven/>=1.0.0|<=2.0.0"))) # print("\nconverted_versions_data = {}\n".format(converted_versions_data)) diff --git a/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html new file mode 100644 index 000000000..150cc0c9f --- /dev/null +++ b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html @@ -0,0 +1,248 @@ + + + + + + + + simple-html-01.html + + + + + + + + +
+ +
nexB note: This file contains excerpts from https://tomcat.apache.org/security-9.html and other related Tomcat pages.
+ +

2 February 2021 Fixed in Apache Tomcat 9.0.43

+
+ +

Note: The issues below were fixed in Apache Tomcat 9.0.42 but the + release vote for the 9.0.42 release candidate did not pass. Therefore, + although users must download 9.0.43 to obtain a version that includes a + fix for these issues, version 9.0.42 is not included in the list of + affected versions.

+ +

Low: Fix for CVE-2020-9484 was incomplete + CVE-2021-25329 +

+ +

The fix for CVE-2020-9484 was incomplete. When using a + highly unlikely configuration edge case, the Tomcat instance was still + vulnerable to CVE-2020-9484. Note that both the previously + published prerequisites for CVE-2020-9484 and the previously + published non-upgrade mitigations for CVE-2020-9484 also apply to + this issue.

+ +

This was fixed with commit + 4785433a. +

+ +

This issue was reported to the Apache Tomcat Security team by Trung Pham + of Viettel Cyber Security on 12 January 2021. The issue was made public + on 1 March 2021.

+ +

Affects: 9.0.0.M1 to 9.0.41

+ +

Important: Request mix-up with h2c + CVE-2021-25122 +

+ +

When responding to new h2c connection requests, Apache Tomcat could + duplicate request headers and a limited amount of request body from one + request to another meaning user A and user B could both see the results of + user A's request.

+ +

This was fixed with commit + d47c20a7. +

+ +

This issue was identified by the Apache Tomcat Security team on 11 + January 2021. The issue was made public on 1 March 2021.

+ +

Affects: 9.0.0.M1 to 9.0.41

+ +
+ +

11 May 2020 Fixed in Apache Tomcat 9.0.35

+
+ +

Important: Remote Code Execution via session persistence + CVE-2020-9484 +

+ +

If:

+
    +
  • an attacker is able to control the contents and name of a file on the + server; and
    • +
  • the server is configured to use the PersistenceManager + with a FileStore; and
    • +
  • the PersistenceManager is configured with + sessionAttributeValueClassNameFilter="null" (the default + unless a SecurityManager is used) or a sufficiently lax + filter to allow the attacker provided object to be deserialized; + and +
    • +
  • the attacker knows the relative file path from the storage location + used by FileStore to the file the attacker has control + over;
    • +
+

then, using a specifically crafted request, the attacker will be able to + trigger remote code execution via deserialization of the file under their + control.

+ +

Note: All of conditions above must be true for the + attack to succeed.

+ +

As an alternative to upgrading to 9.0.35 or later, users may configure + the PersistenceManager with an appropriate value for + sessionAttributeValueClassNameFilter to ensure that only + application provided attributes are serialized and deserialized. +

+ +

This was fixed with commit + 3aa8f28d. +

+ +

This issue was reported to the Apache Tomcat Security Team by by jarvis + threedr3am of pdd security research on 12 April 2020. The issue was made + public on 20 May 2020.

+ +

Affects: 9.0.0.M1 to 9.0.34

+ +
+ +

13 June 2016 Fixed in Apache Tomcat 8.5.3 and 8.0.36

+
+ +

Moderate: Denial of Service + CVE-2016-3092 +

+ +

Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to + implement the file upload requirements of the Servlet specification. A + denial of service vulnerability was identified in Commons FileUpload that + occurred when the length of the multipart boundary was just below the + size of the buffer (4096 bytes) used to read the uploaded file. This + caused the file upload process to take several orders of magnitude + longer than if the boundary was the typical tens of bytes long.

+ +

This was fixed in revision 1743722 for + 8.5.x and revision 1743738 for + 8.0.x.

+ +

This issue was identified by the TERASOLUNA Framework Development Team + and reported to the Apache Commons team via JPCERT on 9 May 2016. It was + made public on 21 June 2016.

+ +

Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35

+ +
+ +

Will not be fixed in Apache Tomcat 4.1.x

+
+

Moderate: Information disclosure + CVE-2005-4836 +

+ +

The deprecated HTTP/1.1 connector does not reject request URIs containing + null bytes when used with contexts that are configured with + allowLinking="true". Failure to reject the null byte enables an attacker + to obtain the source for any JSP page in these contexts. Users of Tomcat + 4.1.x are advised to use the default, supported Coyote HTTP/1.1 connector + which does not exhibit this issue. There are no plans to issue an update + to Tomcat 4.1.x for this issue.

+ +

Affects: 4.1.15-4.1.SVN

+ +
+ +

Fixed in Apache Tomcat 3.3a

+
+

Moderate: Information disclosure + CVE-2002-2007 +

+ +

Non-standard requests to the sample applications installed by default + could result in unexpected directory listings or disclosure of the full + file system path for a JSP.

+ +

Affects: 3.2.3-3.2.4

+ +

Low: Information disclosure + CVE-2002-2006, + CVE-2000-0760 +

+ +

The snoop servlet installed as part of the examples includes output that + identifies the Tomcat installation path. There are no plans to issue a an + update to Tomcat 3.x for this issue.

+ +

Affects:3.1-3.1.1, 3.2-3.2.4

+
+ +
+ + + + From 4389f451d2d091d7ba54034c92c8adb0cc43b874 Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Tue, 3 Jan 2023 10:28:15 -0800 Subject: [PATCH 05/15] Clean up latest code refactoring, update tests #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 301 +------------------- vulnerabilities/tests/test_apache_tomcat.py | 14 +- 2 files changed, 13 insertions(+), 302 deletions(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 3f35a4321..158b8cf59 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -68,7 +68,8 @@ def advisory_data(self): """ advisories = [] - for advisory_page in self.fetch_advisory_pages(self.security_updates_home): + # for advisory_page in self.fetch_advisory_pages(self.security_updates_home): + for advisory_page in self.fetch_advisory_pages(): advisories.extend(self.extract_advisories_from_page(advisory_page)) if TRACE: @@ -179,83 +180,6 @@ def extract_advisories_from_page(self, apache_tomcat_advisory_html): return advisories - # XXX: 2023-01-02 Monday 14:48:57. We need to convert this from class method to - # independent function because it's now called by another independent function and thus has no `self`. - # def to_version_ranges(self, versions_data, fixed_versions): - # constraints = [] - - # for version_item in versions_data: - # if "to" in version_item: - # version_item_split = version_item.split(" ") - - # constraints.append( - # VersionConstraint( - # comparator=">=", - # version=MavenVersion(version_item_split[0]), - # ) - # ) - # constraints.append( - # VersionConstraint( - # comparator="<=", - # version=MavenVersion(version_item_split[-1]), - # ) - # ) - - # elif "-" in version_item: - # version_item_split = version_item.split("-") - - # constraints.append( - # VersionConstraint( - # comparator=">=", - # version=MavenVersion(version_item_split[0]), - # ) - # ) - # constraints.append( - # VersionConstraint( - # comparator="<=", - # version=MavenVersion(version_item_split[-1]), - # ) - # ) - - # else: - # version_item_split = version_item.split(" ") - - # constraints.append( - # VersionConstraint( - # comparator="=", - # version=MavenVersion(version_item_split[0]), - # ) - # ) - - # for fixed_item in fixed_versions: - # if "-" in fixed_item and not any([i.isalpha() for i in fixed_item]): - # fixed_item_split = fixed_item.split(" ") - - # constraints.append( - # VersionConstraint( - # comparator=">=", - # version=MavenVersion(fixed_item_split[0]), - # ).invert() - # ) - # constraints.append( - # VersionConstraint( - # comparator="<=", - # version=MavenVersion(fixed_item_split[-1]), - # ).invert() - # ) - - # else: - # fixed_item_split = fixed_item.split(" ") - - # constraints.append( - # VersionConstraint( - # comparator="=", - # version=MavenVersion(fixed_item_split[0]), - # ).invert() - # ) - - # return MavenVersionRange(constraints=constraints) - @dataclasses.dataclass(order=True) class TomcatAdvisoryData: @@ -563,224 +487,3 @@ def to_version_ranges(versions_data, fixed_versions): ) return MavenVersionRange(constraints=constraints) - - # ===================================================== - - # for para in para_list: - # print("type(para) = {}".format(type(para))) - # cve_p = para.find( - # "strong", - # # text=lambda text: text and text.startswith(tuple(vuln_p_list)), - # text=lambda text: text and text.startswith(severities), - # ) - # # 2022-12-31 Saturday 20:16:51. Seems this is False for the missing pair of CVEs? - # if cve_p: - # cve_p_parent = cve_p.find_parent() - # print("\ncve_p = {}\n".format(cve_p)) - # print("\ncve_p_parent = {}\n".format(cve_p_parent)) - - # # TODO: 2022-12-31 Saturday 18:58:00. Why does this omit the 1st pair, CVE-2020-9484 and CVE-2021-25329? - # # Seems cve_p_parent (just above) is also omitted for that data? - # cve_url_list = cve_p_parent.find_all("a") - # print("cve_url_list = {}\n".format(cve_url_list)) - - # cve_id_list = [cve_text.text for cve_text in cve_url_list] - # print("cve_id_list = {}\n".format(cve_id_list)) - - # for cve_id in cve_id_list: - - # test_dict = { - # "aliases": [cve_id], - # "fixed_version": fixed_version, - # "affected_versions": [], - # } - - # yield test_dict - - # else: - # print("\n\nALERT! This para failed the `if_cve_p` test: {} \n\n".format(para)) - - -# ======================================================== -# severity_score = para.text.split(" ")[0] -# severity_score = severity_score.split(":")[0] -# print("\nseverity_score = {}\n".format(severity_score)) - -# print("===") - -# better_cve_url_list = para.find_all("a") -# print("better_cve_url_list = {}\n".format(better_cve_url_list)) - -# better_cve_id_list = [cve_text.text for cve_text in better_cve_url_list] -# print("better_cve_id_list = {}\n".format(better_cve_id_list)) - -# for better_cve_url in para.find_all("a"): -# print("better_cve_url = {}\n".format(better_cve_url)) -# print("better_cve_url.text = {}".format(better_cve_url.text)) - -# better_nextSiblings = para.find_next_siblings() - -# print("===") - -# section_parent = para.find_parent() - -# cve_url_list = section_parent.find_all("a") -# print("cve_url_list = {}\n".format(cve_url_list)) - -# cve_id_list = [cve_text.text for cve_text in cve_url_list] -# print("cve_id_list = {}\n".format(cve_id_list)) - -# for cve_url in section_parent.find_all("a"): -# print("cve_url = {}\n".format(cve_url)) -# print("cve_url.text = {}".format(cve_url.text)) - -# nextSiblings = section_parent.find_next_siblings() - -# print("===") - -# fixed_commit_list = [] -# affected_versions = [] - -# for sib in better_nextSiblings: -# if "was fixed in" in sib.text or "was fixed with" in sib.text: -# print("\nnext sib (was fixed) = {}".format(sib)) -# fixed_commit_list = sib.find_all("a") -# print("\nfixed_commit_list = {}".format(fixed_commit_list)) - -# elif "Affects" in sib.text: -# print("\nnext sib (affects) = {}\n".format(sib)) - -# # 2022-12-27 Tuesday 18:47:28. We need the list of `sib` elements to examine -- and test -- the raw HTML. -# self.record_of_all_affects_elements.append(sib) - -# # 2022-12-27 Tuesday 14:47:51. We'll examine the affects_string and try to find and remove unwanted alpha and related characters/strings. -# # === -# # This version is before stripping/replacing etc. -# affects_string = sib.text.split("Affects:")[-1].strip() -# print("affects_string = {}\n".format(affects_string)) -# self.record_of_all_affects_strings.append(affects_string) - -# affected_versions = affects_string.split(", ") -# print("> affected_versions = {}\n".format(affected_versions)) -# self.record_of_all_affected_version_strings.append(affected_versions) -# # === -# # This version is with most but not all of the stripping/replacing. -# # affects_string = sib.text.split("Affects:")[-1].strip() -# # affects_string = affects_string.replace("\n", "") -# # affects_string = " ".join(affects_string.split()) -# # affects_string_no_parens = re.sub(r" ?\([^)]+\)", "", affects_string) -# # # print("affects_string = {}\n".format(affects_string)) -# # # self.record_of_all_affects_strings.append(affects_string) -# # print( -# # "affects_string_no_parens = {}\n".format(affects_string_no_parens) -# # ) -# # self.record_of_all_affects_strings.append(affects_string_no_parens) - -# # # affected_versions = affects_string.split(", ") -# # affected_versions = affects_string_no_parens.split(", ") -# # print("> affected_versions = {}\n".format(affected_versions)) -# # self.record_of_all_affected_version_strings.append(affected_versions) -# # === - -# elif sib.find_all( -# "strong", -# text=lambda text: text and text.startswith(tuple(severities)), -# ): -# break - -# # Starting to flesh out this new approach. -# # for cve_id_record in cve_id_list: -# # test_advisory_dict["fixed_versions"] = fixed_versions -# # test_advisory_dict["aliases"] = [cve_id_record] - -# temp_dict_list = [] - -# print("\n1. affected_versions = {}\n".format(affected_versions)) - -# for better_cve_id_record in better_cve_id_list: -# # 2022-12-26 Monday 14:41:11. This is where `test_advisory_dict = {}` belongs! Now we have data for the double-CVEs! -# test_advisory_dict = {} -# test_advisory_dict["fixed_versions"] = fixed_versions -# test_advisory_dict["aliases"] = [better_cve_id_record] - -# self.updated_temp_advisory_dict_list.append(test_advisory_dict) - -# print( -# "==========================> better_cve_id_record = {}".format( -# better_cve_id_record -# ) -# ) - -# temp_dict_list.append(test_advisory_dict) - -# # TODO: 2022-12-26 Monday 14:55:49. Is this where we build the "better" AdvisoryData() objects? -# better_severities = [] -# better_severities.append( -# VulnerabilitySeverity( -# system=APACHE_TOMCAT, -# value=severity_score, -# scoring_elements="", -# ) -# ) - -# print("\n2. affected_versions = {}\n".format(affected_versions)) - -# affected_version_range = self.to_version_ranges( -# # versions_data, fixed_versions -# affected_versions, -# # TODO: 2022-12-26 Monday 16:01:08. fix this! -# # ["1.1"], -# # ["8.5.0 to 8.5.4", " 8.0.0.RC1 to 8.0.36"], -# # ["3.0", " 3.1-3.1.1", " 3.2-3.2.1"], -# # TODO: 2022-12-26 Monday 17:56:04. This identified the problem -- a space at the start of the 2nd range! -# # ["8.5.0 to 8.5.4", "8.0.0.RC1 to 8.0.36"], -# fixed_versions, -# ) -# references = [ -# Reference( -# # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", -# url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", -# # reference_id=cve_id, -# reference_id=better_cve_id_record, -# # severities=severities, -# severities=better_severities, -# ), -# ] - -# # for commit_url in fixed_in_commits: -# for commit_url in fixed_commit_list: -# # references.append(Reference(url=commit_url)) -# # TODO: 2022-12-26 Monday 17:23:38. Does this fix the error TypeError: Object of type Tag is not JSON serializable? Yes. -# references.append(Reference(url=commit_url["href"])) - -# # 2022-12-26 Monday 15:37:02. Does this belong here? -# affected_packages = [] - -# affected_packages.append( -# AffectedPackage( -# package=PackageURL( -# type="maven", -# namespace="apache", -# name="tomcat", -# ), -# affected_version_range=affected_version_range, -# ) -# ) - -# advisories.append( -# AdvisoryData( -# aliases=[better_cve_id_record], -# summary="", -# affected_packages=affected_packages, -# references=references, -# ) -# ) - -# self.temp_list_of_fixed_versions.append(fixed_versions) - -# yield AdvisoryData( -# aliases=aliases, -# summary="", -# affected_packages=affected_packages, -# references=references, -# ) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 493f077a7..ed97a7b07 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -28,7 +28,7 @@ BASE_DIR = os.path.dirname(os.path.abspath(__file__)) TEST_DATA = os.path.join(BASE_DIR, "test_data/apache_tomcat") -security_updates_home = "https://tomcat.apache.org/security" +# security_updates_home = "https://tomcat.apache.org/security" # Temp test to flesh out `extract_advisories_from_page()` -- the method . @@ -311,9 +311,17 @@ def test_advisory_data(): def test_fetch_links(): - retrieved_links = ApacheTomcatImporter().fetch_advisory_links(security_updates_home) + # retrieved_links = ApacheTomcatImporter().fetch_advisory_links(security_updates_home) + retrieved_links = ApacheTomcatImporter().fetch_advisory_links( + "https://tomcat.apache.org/security" + ) + + generator_result = [] + for link in retrieved_links: + generator_result.append(link) - assert retrieved_links == [ + assert generator_result == [ + "https://tomcat.apache.org/security-11.html", "https://tomcat.apache.org/security-10.html", "https://tomcat.apache.org/security-9.html", "https://tomcat.apache.org/security-8.html", From de3d685a97a78587b55505a470cb9b70df0caa48 Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Fri, 6 Jan 2023 09:39:21 -0800 Subject: [PATCH 06/15] Begin work on hard-coded dictionary #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 346 ++++++++------ vulnerabilities/tests/test_apache_tomcat.py | 8 +- .../apache_tomcat-selected-advisories.html | 395 ++++++++++++++++ .../apache_tomcat_cve-2020-9484.html | 2 +- ...of_all_affected_versions-2023-01-03-00.txt | 430 ++++++++++++++++++ ...of_all_affected_versions-2023-01-04-00.txt | 430 ++++++++++++++++++ ..._of_all_affects_elements-2023-01-03-00.txt | 422 +++++++++++++++++ ..._of_all_affects_elements-2023-01-04-00.txt | 422 +++++++++++++++++ ...ord_of_all_reported_cves-2023-01-04-00.txt | 430 ++++++++++++++++++ 9 files changed, 2744 insertions(+), 141 deletions(-) create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat-selected-advisories.html create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-03-00.txt create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-04-00.txt create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-03-00.txt create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-04-00.txt create mode 100644 vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_cves-2023-01-04-00.txt diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 158b8cf59..0feccc522 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -25,7 +25,20 @@ from vulnerabilities.importer import VulnerabilitySeverity from vulnerabilities.severity_systems import APACHE_TOMCAT -TRACE = False +TRACE = True + +record_of_all_affects_elements = [] +record_of_all_affected_versions = [] +record_of_all_reported_cves = [] + + +# Not yet finished! +corrective_data_mapping = { + (("4.1.3",), "CVE-2002-0935"): { + "fixed_versions": ["4.1.3"], + "affected_versions": ["4.0.0-4.0.2", "4.0.3", "4.0.4-4.0.6", "4.1.0-4.1.2"], + }, +} class ApacheTomcatImporter(Importer): @@ -33,12 +46,12 @@ class ApacheTomcatImporter(Importer): spdx_license_expression = "Apache-2.0" license_url = "https://www.apache.org/licenses/" - temp_list_of_fixed_versions = [] - temp_advisory_dict_list = [] - updated_temp_advisory_dict_list = [] - record_of_all_affects_elements = [] - record_of_all_affects_strings = [] - record_of_all_affected_version_strings = [] + # temp_list_of_fixed_versions = [] + # temp_advisory_dict_list = [] + # updated_temp_advisory_dict_list = [] + # record_of_all_affects_elements = [] + # record_of_all_affects_strings = [] + # record_of_all_affected_version_strings = [] def fetch_advisory_pages(self): """ @@ -64,7 +77,7 @@ def fetch_advisory_links(self, url): def advisory_data(self): """ - Return a list of AdvisoryData. + Return a list of AdvisoryData objects. """ advisories = [] @@ -79,104 +92,109 @@ def advisory_data(self): def debug_advisory_data(self, advisories): - apache_tomcat_advisories = "apache_tomcat_advisories_refactored-02.txt" - - with open(apache_tomcat_advisories, "w") as f: - for advisory in advisories: - f.write(f"{advisory}\n") - - temp_advisory_to_dict_list = [] - for adv in advisories: - adv_dict = adv.to_dict() - temp_advisory_to_dict_list.append(adv_dict) - - with open( - "apache_tomcat_advisories_to_dict-02.json", - "w", - encoding="utf-8", - ) as f: - json.dump(temp_advisory_to_dict_list, f, ensure_ascii=False, indent=4) - - with open( - "apache_tomcat_fixed_version_list-00.txt", - "w", - ) as f: - for line in self.temp_list_of_fixed_versions: - f.write(f"{line}\n") - - with open( - "apache_tomcat_advisory_dict_list-00.json", - "w", - encoding="utf-8", - ) as f: - json.dump(self.temp_advisory_dict_list, f, ensure_ascii=False, indent=4) - - with open( - "apache_tomcat_advisory_dict_list-00-updated.json", - "w", - encoding="utf-8", - ) as f: - json.dump(self.updated_temp_advisory_dict_list, f, ensure_ascii=False, indent=4) - - tomcat_affects_elements = "record_of_all_affects_elements-2022-12-27-00.txt" + tomcat_affects_elements = "vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-04-00.txt" with open(tomcat_affects_elements, "w") as f: - for line in self.record_of_all_affects_elements: + for line in record_of_all_affects_elements: f.write(f"{line}\n") - tomcat_affects_strings = "record_of_all_affects_strings-2022-12-27-00.txt" - with open(tomcat_affects_strings, "w") as f: - for line in self.record_of_all_affects_strings: + tomcat_affected_versions = "vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-04-00.txt" + with open(tomcat_affected_versions, "w") as f: + for line in record_of_all_affected_versions: f.write(f"{line}\n") - tomcat_affected_version_strings = "record_of_all_affected_version_strings-2022-12-27-00.txt" - with open(tomcat_affected_version_strings, "w") as f: - for line in self.record_of_all_affected_version_strings: + # record_of_all_reported_cves + tomcat_reported_cves = "vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_cves-2023-01-04-00.txt" + with open(tomcat_reported_cves, "w") as f: + for line in record_of_all_reported_cves: f.write(f"{line}\n") - # 2022-12-29 Thursday 13:11:16. We're in the process of refactoring this method. - # See, e.g., function with the same name at the bottom of this file. + # apache_tomcat_advisories = "apache_tomcat_advisories_refactored-02.txt" + + # with open(apache_tomcat_advisories, "w") as f: + # for advisory in advisories: + # f.write(f"{advisory}\n") + + # temp_advisory_to_dict_list = [] + # for adv in advisories: + # adv_dict = adv.to_dict() + # temp_advisory_to_dict_list.append(adv_dict) + + # with open( + # "apache_tomcat_advisories_to_dict-02.json", + # "w", + # encoding="utf-8", + # ) as f: + # json.dump(temp_advisory_to_dict_list, f, ensure_ascii=False, indent=4) + + # with open( + # "apache_tomcat_fixed_version_list-00.txt", + # "w", + # ) as f: + # for line in self.temp_list_of_fixed_versions: + # f.write(f"{line}\n") + + # with open( + # "apache_tomcat_advisory_dict_list-00.json", + # "w", + # encoding="utf-8", + # ) as f: + # json.dump(self.temp_advisory_dict_list, f, ensure_ascii=False, indent=4) + + # with open( + # "apache_tomcat_advisory_dict_list-00-updated.json", + # "w", + # encoding="utf-8", + # ) as f: + # json.dump(self.updated_temp_advisory_dict_list, f, ensure_ascii=False, indent=4) + + # tomcat_affects_elements = "vulnerabilities/tests/test_data/apache_tomcat/record_of_all_affects_elements-2023-01-03-00.txt" + # with open(tomcat_affects_elements, "w") as f: + # for line in self.record_of_all_affects_elements: + # f.write(f"{line}\n") + + # tomcat_affects_strings = "record_of_all_affects_strings-2022-12-27-00.txt" + # with open(tomcat_affects_strings, "w") as f: + # for line in self.record_of_all_affects_strings: + # f.write(f"{line}\n") + + # tomcat_affected_version_strings = "record_of_all_affected_version_strings-2022-12-27-00.txt" + # with open(tomcat_affected_version_strings, "w") as f: + # for line in self.record_of_all_affected_version_strings: + # f.write(f"{line}\n") + def extract_advisories_from_page(self, apache_tomcat_advisory_html): """ Return a list of AdvisoryData extracted from the HTML text ``apache_tomcat_advisory_html``. """ advisories = [] - # TODO: 2022-12-29 Thursday 13:52:36. Replace relevant code block below with with call to new independent function. - # TODO: Then: create a function that receives a single TomcatAdvisoryData object and yields one or more AdvisoryData objects. - - # fixed_versions, advisory_groups = extract_advisories_from_page(apache_tomcat_advisory_html) - # print("\nfixed_versions = {}\n".format(fixed_versions)) - # print("\nadvisory_groups = {}\n".format(advisory_groups)) - test_output = extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html) - # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging - # print( - # "\n\n-------------------------------------------------------------------------------------------" - # ) - # print("test_output = {}".format(test_output)) - # print( - # "-------------------------------------------------------------------------------------------" - # ) for adv in test_output: - print("\n==================================================\n") - - print("Fixed-version advisory") - # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging - # print("\nadv = {}\n".format(adv)) - advisory_data_object = generate_advisory_data_objects(adv) - # print("\nadvisory_data_object = {}\n".format(advisory_data_object)) - for gen in advisory_data_object: - print("\ngen = {}\n".format(gen)) - # XXX: 2023-01-02 Monday 15:18:53. Now that we're writing `real` code this doesn't - # work because `gen` is now an AdvisoryData() object, not a hand-crafted dict. - # print(json.dumps(gen, indent=4, sort_keys=False)) - advisories.append(advisory_data_object) - # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging - # for test_advisory in advisories: - # print("\ntest_advisory = {}\n".format(test_advisory)) - - print("\nadvisories = {}\n".format(advisories)) + advisory_data_objects = generate_advisory_data_objects(adv) + + for advisory_data_object in advisory_data_objects: + print("\nadvisory_data_object = {}\n".format(advisory_data_object)) + # to_dict() + print( + "\nadvisory_data_object.to_dict() = {}\n".format(advisory_data_object.to_dict()) + ) + + adv_dict = advisory_data_object.to_dict() + print(json.dumps(adv_dict, indent=4, sort_keys=False)) + # XXX: 2023-01-05 Thursday 09:18:15. Great this now works w/o the error + # TypeError: Object of type Tag is not JSON serializable + + # result = advisory_data_object.to_dict() + # print(json.dumps(result, indent=4, sort_keys=False)) + + # # another to_dict() approach: + # another_result = [data.to_dict() for data in advisory_data_objects] + # print(another_result) + # print("another_result = \n") + # print(json.dumps(another_result, indent=4, sort_keys=False)) + + advisories.append(advisory_data_objects) return advisories @@ -210,11 +228,14 @@ def extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html): ] for fixed_version_heading in fixed_version_headings: + print("\n==================================================\n") + print("*** fixed_version_heading.text = {} ***".format(fixed_version_heading.text)) fixed_versions = [] fixed_version = fixed_version_heading.text.split("Fixed in Apache Tomcat")[-1].strip() - if TRACE: - print("fixed_version = {}".format(fixed_version)) - print("===========================") + + # if TRACE: + # print("fixed_version = {}".format(fixed_version)) + # print("===========================") # We want to handle the occasional "and" in the fixed version headers, e.g., #

5 September 2016 Fixed in Apache Tomcat 8.5.5 and 8.0.37

@@ -223,9 +244,11 @@ def extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html): else: fixed_versions.append(fixed_version) - if TRACE: - print("fixed_versions = {}".format(fixed_versions)) - print("===========================") + print("*** fixed_versions = {} ***\n".format(fixed_versions)) + + # if TRACE: + # print("fixed_versions = {}".format(fixed_versions)) + # print("===========================") # Each group of fixed-version-related data is contained in a div that immediately follows the h3 element, e.g., #

8 November 2016 Fixed in Apache Tomcat 8.5.8

@@ -236,28 +259,29 @@ def extract_tomcat_advisory_data_from_page(apache_tomcat_advisory_html): # Each advisory section starts with a

element, # the text of which starts with, e.g., "Low:", so we look for these here, e.g., #

Low: Apache Tomcat request smugglingCVE-2022-42252

- severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + # severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + severity_scores = ("Low:", "Moderate:", "Important:", "High:", "Critical:") # A list of groups of paragraphs, each for a single Tomcat Advisory. advisory_groups = [] for para in fixed_version_paras.find_all("p"): current_group = [] - if para.text.startswith(severities): + if para.text.startswith(severity_scores): current_group.append(para) # TODO: 2023-01-02 Monday 11:47:58. Rename this `nextSiblings`. test_nextSiblings = para.find_next_siblings() for next_sibling in test_nextSiblings: - if not next_sibling.text.startswith(severities): + if not next_sibling.text.startswith(severity_scores): current_group.append(next_sibling) - elif next_sibling.text.startswith(severities): + elif next_sibling.text.startswith(severity_scores): break advisory_groups.append(current_group) - if TRACE: - print("\ncurrent_group = {}\n".format(current_group)) - print("\nadvisory_groups = {}\n".format(advisory_groups)) + # if TRACE: + # print("\ncurrent_group = {}\n".format(current_group)) + # print("\nadvisory_groups = {}\n".format(advisory_groups)) yield TomcatAdvisoryData(fixed_versions=fixed_versions, advisory_groups=advisory_groups) @@ -266,13 +290,14 @@ def generate_advisory_data_objects(tomcat_advisory_data_object): fixed_versions = tomcat_advisory_data_object.fixed_versions - len_advisory_groups = len(tomcat_advisory_data_object.advisory_groups) - print("\nlen_advisory_groups = {}\n".format(len_advisory_groups)) + # len_advisory_groups = len(tomcat_advisory_data_object.advisory_groups) + # print("\nlen_advisory_groups = {}\n".format(len_advisory_groups)) # aliases = [] # vuln_p_list = ("Low:", "Moderate:", "Important:", "High:", "Critical:") - severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + # severities = ("Low:", "Moderate:", "Important:", "High:", "Critical:") + severity_scores = ("Low:", "Moderate:", "Important:", "High:", "Critical:") for para_list in tomcat_advisory_data_object.advisory_groups: # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging @@ -285,49 +310,56 @@ def generate_advisory_data_objects(tomcat_advisory_data_object): for para in para_list: if para.text.startswith("Affects:"): - print("\npara startswith Affects: = {}\n".format(para)) - print(">>> {}".format(para.text.split(":")[-1])) + # 2023-01-03 Tuesday 20:33:02. Add to .txt + record_of_all_affects_elements.append(para.text) + # print("\npara startswith Affects: = {}\n".format(para)) + # print(">>> {}".format(para.text.split(":")[-1])) # This will need detailed cleaning: - affected_versions.append(para.text.split(":")[-1]) + + print("\npara.text startswith affects = {}".format(para.text)) + + formatted_affected_version_data = para.text.split(":")[-1].split(", ") + print( + "\nformatted_affected_version_data = {}\n".format( + formatted_affected_version_data + ) + ) + + # affected_versions.append(para.text.split(":")[-1]) + affected_versions.extend(formatted_affected_version_data) + + print("\naffected_versions = {}".format(affected_versions)) + + # # XXX: Remove any leading spaces + # affected_versions = [ + # affected_version.strip() for affected_version in affected_versions + # ] elif "was fixed in" in para.text or "was fixed with" in para.text: # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging # print("\nnext sib (was fixed) = {}".format(para)) fixed_commit_list = para.find_all("a") - print("\nfixed_commit_list = {}".format(fixed_commit_list)) + print("\nfixed_commit_list = {}\n".format(fixed_commit_list)) # print("\n!!!!!!!!! fixed_commit_list = {}\n".format(fixed_commit_list)) references.extend([ref_url["href"] for ref_url in fixed_commit_list]) - elif para.text.startswith(severities): + elif para.text.startswith(severity_scores): # XXX: 2023-01-02 Monday 12:15:49. Hide but keep while debugging # print("\n==> para_severity_row = {}\n".format(para)) cve_url_list = para.find_all("a") - print("\n==> cve_url_list = {}\n".format(cve_url_list)) + # print("==> cve_url_list = {}".format(cve_url_list)) cve_list = [cve_url.text for cve_url in cve_url_list] - print("\n==> cve_list = {}\n".format(cve_list)) + print("\n==> cve_list = {}".format(cve_list)) severity_score = para.text.split(":")[0] for cve_url in cve_url_list: + print("\n^^^ cve_url = {}\n".format(cve_url)) aliases = [] aliases.append(cve_url.text) - # XXX: 2023-01-02 Monday 13:53:38. This simple dict output can be replaced by the creation of the AdvisoryData() object. - # ===================================================== - - # test_dict = { - # "aliases": aliases, - # "fixed_versions": fixed_versions, - # "affected_versions": affected_versions, - # "references": references, - # "severity_score": severity_score, - # } - - # yield test_dict - - # XXX: 2023-01-02 Monday 14:28:39. This is meant to be the `real` code. - # ===================================================== - better_severities = [] - better_severities.append( + # better_severities = [] + severity_list = [] + severity_list.append( VulnerabilitySeverity( system=APACHE_TOMCAT, value=severity_score, @@ -335,7 +367,38 @@ def generate_advisory_data_objects(tomcat_advisory_data_object): ) ) - print("\naffected_versions = {}\n".format(affected_versions)) + # FIXME: 2023-01-05 Thursday 12:05:16. Check the dictionary and supply/replace needed values. + # Convert the list `fixed_versions`` to a tuple so it's hashable and thus can serve as part of a tuple-based dictionary key. + print("fixed_versions before update if any = {}".format(fixed_versions)) + print("affected_versions before update if any = {}\n".format(affected_versions)) + + fixed_versions_tuple = tuple(fixed_versions) + + if (fixed_versions_tuple, cve_url.text) in corrective_data_mapping.keys(): + print("\n\n-- REPLACE/CORRECT VERSION DATA -- \n\n") + fixed_versions = corrective_data_mapping[fixed_versions_tuple, cve_url.text][ + "fixed_versions" + ] + affected_versions = corrective_data_mapping[fixed_versions_tuple, cve_url.text][ + "affected_versions" + ] + else: + pass + + print("==> reported_cve = {}\n".format(cve_url.text)) + record_of_all_reported_cves.append(cve_url.text) + + # print("==> affected_versions = {}".format(affected_versions)) + print("fixed_versions after update if any = {}".format(fixed_versions)) + print("affected_versions after update if any = {}".format(affected_versions)) + + # # XXX: Do we want to remove leading spaces here? Can we do this earlier? + # print( + # "==> affected_versions -- stripped = {}".format( + # [affected_version.strip() for affected_version in affected_versions] + # ) + # ) + record_of_all_affected_versions.append(affected_versions) # XXX: 2023-01-02 Monday 15:02:15. We need to clean up the affected version data # with a combination of RegEx, replace(), join()/split() and split(). @@ -358,12 +421,21 @@ def generate_advisory_data_objects(tomcat_advisory_data_object): # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_id}", # XXX: 2023-01-02 Monday 14:56:33. We want to use cve_url in this current loop. # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={better_cve_id_record}", - url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_url}", - # reference_id=cve_id, - # reference_id=better_cve_id_record, - reference_id=cve_url, + # url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_url}", + # XXX: 2023-01-05 Thursday 09:05:10. Is above throwing error when I try json.dumps()? + # We want this instead: + url=f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_url.text}", + # # reference_id=cve_id, + # # reference_id=better_cve_id_record, + # reference_id=cve_url, + # XXX: 2023-01-05 Thursday 09:15:31. Or maybe the above is throwing the error + # TypeError: Object of type Tag is not JSON serializable + # so instead just get the text, e.g., CVE-2020-1234, not the entire tag? + # 2023-01-05 Thursday 09:18:50. YES this removed the error and json.dumps() + # now works above in extract_advisories_from_page. Excellent! + reference_id=cve_url.text, # severities=severities, - severities=better_severities, + severities=severity_list, ), ] @@ -414,7 +486,9 @@ def to_version_ranges(versions_data, fixed_versions): for version_item in versions_data: # XXX: 2023-01-02 Monday 15:12:36. Clean affected version data here or above # in generate_advisory_data_objects()? Try here. + # print("version_item = {}".format(version_item)) version_item = version_item.strip() + # print("version_item.strip() = {}".format(version_item.strip())) if "to" in version_item: version_item_split = version_item.split(" ") diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index ed97a7b07..b67a87a21 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -28,12 +28,11 @@ BASE_DIR = os.path.dirname(os.path.abspath(__file__)) TEST_DATA = os.path.join(BASE_DIR, "test_data/apache_tomcat") -# security_updates_home = "https://tomcat.apache.org/security" - # Temp test to flesh out `extract_advisories_from_page()` -- the method . def test_method_extract_advisories_from_page(): - with open(os.path.join(TEST_DATA, "apache_tomcat_cve-2020-9484.html")) as f: + # with open(os.path.join(TEST_DATA, "apache_tomcat_cve-2020-9484.html")) as f: + with open(os.path.join(TEST_DATA, "apache_tomcat-selected-advisories.html")) as f: raw_data = f.read() extracted_advisories = ApacheTomcatImporter().extract_advisories_from_page(raw_data) @@ -333,7 +332,8 @@ def test_fetch_links(): ] -def test_to_version_ranges_test(): +# def test_to_version_ranges_test(): +def test_to_version_ranges(): versions_data = [ "1.0.0-2.0.0", "3.2.2-3.2.3?", diff --git a/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat-selected-advisories.html b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat-selected-advisories.html new file mode 100644 index 000000000..29be45f6c --- /dev/null +++ b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat-selected-advisories.html @@ -0,0 +1,395 @@ + + + + + + + + apache_tomcat-selected-advisories.html + + + + + + + + +
+ +
nexB note: This file contains excerpts from https://tomcat.apache.org/security-9.html and other related Tomcat pages.
+ +

2 February 2021 Fixed in Apache Tomcat 9.0.43

+
+ +

Note: The issues below were fixed in Apache Tomcat 9.0.42 but the + release vote for the 9.0.42 release candidate did not pass. Therefore, + although users must download 9.0.43 to obtain a version that includes a + fix for these issues, version 9.0.42 is not included in the list of + affected versions.

+ +

Low: Fix for CVE-2020-9484 was incomplete + CVE-2021-25329 +

+ +

The fix for CVE-2020-9484 was incomplete. When using a + highly unlikely configuration edge case, the Tomcat instance was still + vulnerable to CVE-2020-9484. Note that both the previously + published prerequisites for CVE-2020-9484 and the previously + published non-upgrade mitigations for CVE-2020-9484 also apply to + this issue.

+ +

This was fixed with commit + 4785433a. +

+ +

This issue was reported to the Apache Tomcat Security team by Trung Pham + of Viettel Cyber Security on 12 January 2021. The issue was made public + on 1 March 2021.

+ +

Affects: 9.0.0.M1 to 9.0.41

+ +

Important: Request mix-up with h2c + CVE-2021-25122 +

+ +

When responding to new h2c connection requests, Apache Tomcat could + duplicate request headers and a limited amount of request body from one + request to another meaning user A and user B could both see the results of + user A's request.

+ +

This was fixed with commit + d47c20a7. +

+ +

This issue was identified by the Apache Tomcat Security team on 11 + January 2021. The issue was made public on 1 March 2021.

+ +

Affects: 9.0.0.M1 to 9.0.41

+ +
+ +

11 May 2020 Fixed in Apache Tomcat 9.0.35

+
+ +

Important: Remote Code Execution via session persistence + CVE-2020-9484 +

+ +

If:

+
    +
  • an attacker is able to control the contents and name of a file on the + server; and
    • +
  • the server is configured to use the PersistenceManager + with a FileStore; and
    • +
  • the PersistenceManager is configured with + sessionAttributeValueClassNameFilter="null" (the default + unless a SecurityManager is used) or a sufficiently lax + filter to allow the attacker provided object to be deserialized; + and +
    • +
  • the attacker knows the relative file path from the storage location + used by FileStore to the file the attacker has control + over;
    • +
+

then, using a specifically crafted request, the attacker will be able to + trigger remote code execution via deserialization of the file under their + control.

+ +

Note: All of conditions above must be true for the + attack to succeed.

+ +

As an alternative to upgrading to 9.0.35 or later, users may configure + the PersistenceManager with an appropriate value for + sessionAttributeValueClassNameFilter to ensure that only + application provided attributes are serialized and deserialized. +

+ +

This was fixed with commit + 3aa8f28d. +

+ +

This issue was reported to the Apache Tomcat Security Team by by jarvis + threedr3am of pdd security research on 12 April 2020. The issue was made + public on 20 May 2020.

+ +

Affects: 9.0.0.M1 to 9.0.34

+ +
+ +

not released Fixed in Apache Tomcat 9.0.9

+
+ +

Low: CORS filter has insecure defaults + CVE-2018-8014 +

+ +

The defaults settings for the CORS filter are insecure and enable + supportsCredentials for all origins. It is expected that + users of the CORS filter will have configured it appropriately for their + environment rather than using it in the default configuration. Therefore, + it is expected that most users will not be impacted by this issue. +

+ +

This was fixed in revision 1831726.

+ +

This issue was reported publicly on 1 May 2018 and formally announced as + a vulnerability on 16 May 2018.

+ +
+ +

13 June 2016 Fixed in Apache Tomcat 8.5.3 and 8.0.36

+
+ +

Moderate: Denial of Service + CVE-2016-3092 +

+ +

Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to + implement the file upload requirements of the Servlet specification. A + denial of service vulnerability was identified in Commons FileUpload that + occurred when the length of the multipart boundary was just below the + size of the buffer (4096 bytes) used to read the uploaded file. This + caused the file upload process to take several orders of magnitude + longer than if the boundary was the typical tens of bytes long.

+ +

This was fixed in revision 1743722 for + 8.5.x and revision 1743738 for + 8.0.x.

+ +

This issue was identified by the TERASOLUNA Framework Development Team + and reported to the Apache Commons team via JPCERT on 9 May 2016. It was + made public on 21 June 2016.

+ +

Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35

+ +
+ +

released 4 Sep 2009 Fixed in Apache Tomcat 5.5.28

+
+

Important: Information Disclosure + CVE-2008-5515 +

+ +

When using a RequestDispatcher obtained from the Request, the target path + was normalised before the query string was removed. A request that + included a specially crafted request parameter could be used to access + content that would otherwise be protected by a security constraint or by + locating it in under the WEB-INF directory.

+ +

This was fixed in revisions 782757 and + 783291. +

+ +

This was first reported to the Tomcat security team on 11 Dec 2008 and + made public on 8 Jun 2009.

+ +

Affects: 5.5.0-5.5.27

+ +

Important: Denial of Service + CVE-2009-0033 +

+ +

If Tomcat receives a request with invalid headers via the Java AJP + connector, it does not return an error and instead closes the AJP + connection. In case this connector is member of a mod_jk load balancing + worker, this member will be put into an error state and will be blocked + from use for approximately one minute. Thus the behaviour can be used for + a denial of service attack using a carefully crafted request.

+ +

This was fixed in revision 781362.

+ +

This was first reported to the Tomcat security team on 26 Jan 2009 and + made public on 3 Jun 2009.

+ +

Affects: 5.5.0-5.5.27

+ +

Low: Information disclosure + CVE-2009-0580 +

+ +

Due to insufficient error checking in some authentication classes, Tomcat + allows for the enumeration (brute force testing) of user names by + supplying illegally URL encoded passwords. The attack is possible if FORM + based authentication (j_security_check) is used with the MemoryRealm. + Note that in early versions, the DataSourceRealm and JDBCRealm were also + affected.

+ +

This was fixed in revision 781379.

+ +

This was first reported to the Tomcat security team on 25 Feb 2009 and + made public on 3 Jun 2009.

+ +

Affects: 5.5.0-5.5.27 (Memory Realm), 5.5.0-5.5.5 (DataSource and JDBC + Realms)

+ +

Low: Cross-site scripting + CVE-2009-0781 +

+ +

The calendar application in the examples web application contains an + XSS flaw due to invalid HTML which renders the XSS filtering protection + ineffective.

+ +

This was fixed in revision 750928.

+ +

This was first reported to the Tomcat security team on 5 Mar 2009 and + made public on 6 Mar 2009.

+ +

Affects: 5.5.0-5.5.27

+ +

Low: Information disclosure + CVE-2009-0783 +

+ +

Bugs 29936 and 45933 allowed a web application + to replace the XML parser used by + Tomcat to process web.xml, context.xml and tld files. In limited + circumstances these bugs may allow a rogue web application to view and/or + alter the web.xml, context.xml and tld files of other web applications + deployed on the Tomcat instance.

+ +

This was fixed in revisions 681156 and + 781542. +

+ +

This was first reported to the Tomcat security team on 2 Mar 2009 and + made public on 4 Jun 2009.

+ +

Affects: 5.5.0-5.5.27

+ +
+ +

Will not be fixed in Apache Tomcat 4.1.x

+
+

Moderate: Information disclosure + CVE-2005-4836 +

+ +

The deprecated HTTP/1.1 connector does not reject request URIs containing + null bytes when used with contexts that are configured with + allowLinking="true". Failure to reject the null byte enables an attacker + to obtain the source for any JSP page in these contexts. Users of Tomcat + 4.1.x are advised to use the default, supported Coyote HTTP/1.1 connector + which does not exhibit this issue. There are no plans to issue an update + to Tomcat 4.1.x for this issue.

+ +

Affects: 4.1.15-4.1.SVN

+ +
+ +

Fixed in Apache Tomcat 4.1.35

+
+ +

Low: Information disclosure + CVE-2008-4308 +

+ +

Bug + 40771 may result in the disclosure of POSTed content from a previous + request. For a vulnerability to exist, the content read from the input + stream must be disclosed, eg via writing it to the response and committing + the response, before the ArrayIndexOutOfBoundsException occurs which will + halt processing of the request.

+ +

Affects: 4.1.32-4.1.34 (4.0.x unknown)

+
+ +

Fixed in Apache Tomcat 4.1.3

+
+

Important: Denial of service + CVE-2002-0935 +

+ +

A malformed HTTP request can cause the request processing thread to + become unresponsive. A sequence of such requests will cause all request + processing threads, and hence Tomcat as a whole, to become unresponsive.

+ +

Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2?

+ +
+ +

Fixed in Apache Tomcat 3.3a

+
+

Moderate: Information disclosure + CVE-2002-2007 +

+ +

Non-standard requests to the sample applications installed by default + could result in unexpected directory listings or disclosure of the full + file system path for a JSP.

+ +

Affects: 3.2.3-3.2.4

+ +

Low: Information disclosure + CVE-2002-2006, + CVE-2000-0760 +

+ +

The snoop servlet installed as part of the examples includes output that + identifies the Tomcat installation path. There are no plans to issue a an + update to Tomcat 3.x for this issue.

+ +

Affects:3.1-3.1.1, 3.2-3.2.4

+
+ +
+ + + + diff --git a/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html index 150cc0c9f..66f0931da 100644 --- a/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html +++ b/vulnerabilities/tests/test_data/apache_tomcat/apache_tomcat_cve-2020-9484.html @@ -5,7 +5,7 @@ - simple-html-01.html + apache_tomcat_cve-2020-9484.html - - - - - -
- -
nexB note: This file contains excerpts from https://tomcat.apache.org/security-9.html and other related Tomcat pages.
- -

2 February 2021 Fixed in Apache Tomcat 9.0.43

-
- -

Note: The issues below were fixed in Apache Tomcat 9.0.42 but the - release vote for the 9.0.42 release candidate did not pass. Therefore, - although users must download 9.0.43 to obtain a version that includes a - fix for these issues, version 9.0.42 is not included in the list of - affected versions.

- -

Low: Fix for CVE-2020-9484 was incomplete - CVE-2021-25329 -

- -

The fix for CVE-2020-9484 was incomplete. When using a - highly unlikely configuration edge case, the Tomcat instance was still - vulnerable to CVE-2020-9484. Note that both the previously - published prerequisites for CVE-2020-9484 and the previously - published non-upgrade mitigations for CVE-2020-9484 also apply to - this issue.

- -

This was fixed with commit - 4785433a. -

- -

This issue was reported to the Apache Tomcat Security team by Trung Pham - of Viettel Cyber Security on 12 January 2021. The issue was made public - on 1 March 2021.

- -

Affects: 9.0.0.M1 to 9.0.41

- -

Important: Request mix-up with h2c - CVE-2021-25122 -

- -

When responding to new h2c connection requests, Apache Tomcat could - duplicate request headers and a limited amount of request body from one - request to another meaning user A and user B could both see the results of - user A's request.

- -

This was fixed with commit - d47c20a7. -

- -

This issue was identified by the Apache Tomcat Security team on 11 - January 2021. The issue was made public on 1 March 2021.

- -

Affects: 9.0.0.M1 to 9.0.41

- -
- -

11 May 2020 Fixed in Apache Tomcat 9.0.35

-
- -

Important: Remote Code Execution via session persistence - CVE-2020-9484 -

- -

If:

-
    -
  • an attacker is able to control the contents and name of a file on the - server; and
    • -
  • the server is configured to use the PersistenceManager - with a FileStore; and
    • -
  • the PersistenceManager is configured with - sessionAttributeValueClassNameFilter="null" (the default - unless a SecurityManager is used) or a sufficiently lax - filter to allow the attacker provided object to be deserialized; - and -
    • -
  • the attacker knows the relative file path from the storage location - used by FileStore to the file the attacker has control - over;
    • -
-

then, using a specifically crafted request, the attacker will be able to - trigger remote code execution via deserialization of the file under their - control.

- -

Note: All of conditions above must be true for the - attack to succeed.

- -

As an alternative to upgrading to 9.0.35 or later, users may configure - the PersistenceManager with an appropriate value for - sessionAttributeValueClassNameFilter to ensure that only - application provided attributes are serialized and deserialized. -

- -

This was fixed with commit - 3aa8f28d. -

- -

This issue was reported to the Apache Tomcat Security Team by by jarvis - threedr3am of pdd security research on 12 April 2020. The issue was made - public on 20 May 2020.

- -

Affects: 9.0.0.M1 to 9.0.34

- -
- -

13 June 2016 Fixed in Apache Tomcat 8.5.3 and 8.0.36

-
- -

Moderate: Denial of Service - CVE-2016-3092 -

- -

Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to - implement the file upload requirements of the Servlet specification. A - denial of service vulnerability was identified in Commons FileUpload that - occurred when the length of the multipart boundary was just below the - size of the buffer (4096 bytes) used to read the uploaded file. This - caused the file upload process to take several orders of magnitude - longer than if the boundary was the typical tens of bytes long.

- -

This was fixed in revision 1743722 for - 8.5.x and revision 1743738 for - 8.0.x.

- -

This issue was identified by the TERASOLUNA Framework Development Team - and reported to the Apache Commons team via JPCERT on 9 May 2016. It was - made public on 21 June 2016.

- -

Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35

- -
- -

Will not be fixed in Apache Tomcat 4.1.x

-
-

Moderate: Information disclosure - CVE-2005-4836 -

- -

The deprecated HTTP/1.1 connector does not reject request URIs containing - null bytes when used with contexts that are configured with - allowLinking="true". Failure to reject the null byte enables an attacker - to obtain the source for any JSP page in these contexts. Users of Tomcat - 4.1.x are advised to use the default, supported Coyote HTTP/1.1 connector - which does not exhibit this issue. There are no plans to issue an update - to Tomcat 4.1.x for this issue.

- -

Affects: 4.1.15-4.1.SVN

- -
- -

Fixed in Apache Tomcat 3.3a

-
-

Moderate: Information disclosure - CVE-2002-2007 -

- -

Non-standard requests to the sample applications installed by default - could result in unexpected directory listings or disclosure of the full - file system path for a JSP.

- -

Affects: 3.2.3-3.2.4

- -

Low: Information disclosure - CVE-2002-2006, - CVE-2000-0760 -

- -

The snoop servlet installed as part of the examples includes output that - identifies the Tomcat installation path. There are no plans to issue a an - update to Tomcat 3.x for this issue.

- -

Affects:3.1-3.1.1, 3.2-3.2.4

-
- -
- - - - diff --git a/vulnerabilities/tests/test_data/apache_tomcat/parse-apache_tomcat-selected-advisories-expected.json b/vulnerabilities/tests/test_data/apache_tomcat/parse-apache_tomcat-selected-advisories-expected.json new file mode 100644 index 000000000..1a116dce9 --- /dev/null +++ b/vulnerabilities/tests/test_data/apache_tomcat/parse-apache_tomcat-selected-advisories-expected.json @@ -0,0 +1,854 @@ +[ + { + "aliases": [ + "CVE-2020-9484" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2020-9484", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2021-25329" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2021-25329", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2021-25122" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2021-25122", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122", + "severities": [ + { + "system": "apache_tomcat", + "value": "Important", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2020-9484" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=9.0.0+M1|<=9.0.34|!=9.0.35", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=9.0.0.M1|<=9.0.34|!=9.0.35", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2020-9484", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484", + "severities": [ + { + "system": "apache_tomcat", + "value": "Important", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2018-8014" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=9.0.0+M1|<=9.0.8|!=9.0.9", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=9.0.0.M1|<=9.0.8|!=9.0.9", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2018-8014", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=1831726", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2016-3092" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=8.0.0+RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=8.0.0.RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2016-3092", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092", + "severities": [ + { + "system": "apache_tomcat", + "value": "Moderate", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=1743722", + "severities": [] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=1743738", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2008-5515" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2008-5515", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515", + "severities": [ + { + "system": "apache_tomcat", + "value": "Important", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=782757", + "severities": [] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=783291", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2009-0033" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2009-0033", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033", + "severities": [ + { + "system": "apache_tomcat", + "value": "Important", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=781362", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2009-0580" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2009-0580", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=781379", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2009-0781" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2009-0781", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=750928", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2009-0783" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=5.5.0|<=5.5.27|!=5.5.28", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2009-0783", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=681156", + "severities": [] + }, + { + "reference_id": "", + "url": "https://svn.apache.org/viewvc?view=rev&rev=781542", + "severities": [] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2005-4836" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/<=4.1.0+SVN|>=4.1.15", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/<=4.1.SVN|>=4.1.15", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2005-4836", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836", + "severities": [ + { + "system": "apache_tomcat", + "value": "Moderate", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2008-4308" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=4.1.32|<=4.1.34|!=4.1.35", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=4.1.32|<=4.1.34|!=4.1.35", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2008-4308", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2002-0935" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2002-0935", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935", + "severities": [ + { + "system": "apache_tomcat", + "value": "Important", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2002-2007" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=3.2.3|<=3.2.4|!=3.3.0-a", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=3.2.3|<=3.2.4|!=3.3a", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2002-2007", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007", + "severities": [ + { + "system": "apache_tomcat", + "value": "Moderate", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2002-2006" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2002-2006", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + }, + { + "aliases": [ + "CVE-2000-0760" + ], + "summary": "", + "affected_packages": [ + { + "package": { + "type": "apache", + "namespace": null, + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a", + "fixed_version": null + }, + { + "package": { + "type": "maven", + "namespace": "org.apache.tomcat", + "name": "tomcat", + "version": null, + "qualifiers": null, + "subpath": null + }, + "affected_version_range": "vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a", + "fixed_version": null + } + ], + "references": [ + { + "reference_id": "CVE-2000-0760", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760", + "severities": [ + { + "system": "apache_tomcat", + "value": "Low", + "scoring_elements": "" + } + ] + } + ], + "date_published": null + } +] diff --git a/vulnerabilities/tests/test_data/apache_tomcat/security-9.html b/vulnerabilities/tests/test_data/apache_tomcat/security-9.html deleted file mode 100644 index 0931f9274..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/security-9.html +++ /dev/null @@ -1,140 +0,0 @@ - -Apache Tomcat® - Apache Tomcat 9 vulnerabilities

Content

Table of Contents

- -

Apache Tomcat 9.x vulnerabilities

-

This page lists all security vulnerabilities fixed in released versions - of Apache Tomcat 9.x. Each vulnerability is given a - security impact rating by the Apache - Tomcat security team — please note that this rating may vary from - platform to platform. We also list the versions of Apache Tomcat the flaw - is known to affect, and where a flaw has not been verified list the - version with a question mark.

- -

Note: Vulnerabilities that are not Tomcat vulnerabilities - but have either been incorrectly reported against Tomcat or where Tomcat - provides a workaround are listed at the end of this page.

- -

Please note that binary patches are never provided. If you need to - apply a source code patch, use the building instructions for the - Apache Tomcat version that you are using. For Tomcat 9.0 those are - building.html and - BUILDING.txt. - Both files can be found in the webapps/docs subdirectory - of a binary distribution. You may also want to review the - Security Considerations - page in the documentation.

- -

If you need help on building or configuring Tomcat or other help on - following the instructions to mitigate the known vulnerabilities listed - here, please send your questions to the public - Tomcat Users mailing list -

- -

If you have encountered an unlisted security vulnerability or other - unexpected behaviour that has security - impact, or if the descriptions here are incomplete, - please report them privately to the - Tomcat Security Team. Thank you. -

-

5 January 2016 Fixed in Apache Tomcat 9.0.0.M3

- -

Moderate: Security Manager bypass - CVE-2016-0763

- -

This issue only affects users running untrusted web applications under a - security manager.

- -

ResourceLinkFactory.setGlobalContext() is a public method - and was accessible to web applications even when running under a security - manager. This allowed a malicious web application to inject a malicious - global context that could in turn be used to disrupt other web - applications and/or read and write data owned by other web - applications.

- -

This was fixed in revision 1725926.

- -

This issue was identified by the Tomcat security team on 18 January 2016 - and made public on 22 February 2016.

- -

Affects: 9.0.0.M1 to 9.0.0.M2

- -

Note: The issues below were fixed in Apache Tomcat 9.0.0.M2 but the - release vote for the 9.0.0.M2 release candidate did not pass. Therefore, - although users must download 9.0.0.M3 to obtain a version that includes - fixes for these issues, version 9.0.0.M2 is not included in the list of - affected versions.

- -

Moderate: CSRF token leak - CVE-2015-5351

- -

The index page of the Manager and Host Manager applications included a - valid CSRF token when issuing a redirect as a result of an - unauthenticated request to the root of the web application. If an - attacker had access to the Manager or Host Manager applications - (typically these applications are only accessible to internal users, not - exposed to the Internet), this token could then be used by the attacker - to construct a CSRF attack.

- -

This was fixed in revisions 1720652 and - 1720655.

- -

This issue was identified by the Tomcat security team on 8 December 2015 - and made public on 22 February 2016.

- -

Affects: 8.0.0.M1 to 9.0.0, 9.0.1.M1 to 9.0.1.M2-

- -

Low: Security Manager bypass - CVE-2016-0706

- -

This issue only affects users running untrusted web applications under a - security manager.

- -

The internal StatusManagerServlet could be loaded by a malicious web - application when a security manager was configured. This servlet could - then provide the malicious web application with a list of all deployed - applications and a list of the HTTP request lines for all requests - currently being processed. This could have exposed sensitive information - from other web applications, such as session IDs, to the web - application.

- -

This was fixed in revision 1722799.

- -

This issue was identified by the Tomcat security team on 27 December 2015 - and made public on 22 February 2016.

- -

Affects: 9.0.0.M1

- -

Moderate: Security Manager bypass - CVE-2016-0714

- -

This issue only affects users running untrusted web applications under a - security manager.

- -

Tomcat provides several session persistence mechanisms. The - StandardManager persists session over a restart. The - PersistentManager is able to persist sessions to files, a - database or a custom Store. The cluster implementation - persists sessions to one or more additional nodes in the cluster. All of - these mechanisms could be exploited to bypass a security manager. Session - persistence is performed by Tomcat code with the permissions assigned to - Tomcat internal code. By placing a carefully crafted object into a - session, a malicious web application could trigger the execution of - arbitrary code.

- -

This was fixed in revisions 1725263 and - 1725914.

- -

This issue was identified by the Tomcat security team on 12 November 2015 - and made public on 22 February 2016.

- -

Affects: 9.0.0.M1-9.0.0.M2

- -
- Copyright © 1999-2020, The Apache Software Foundation -
- Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat - project logo are either registered trademarks or trademarks of the Apache - Software Foundation. -
\ No newline at end of file diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-03-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-03-00.txt deleted file mode 100644 index dcb9a0b15..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-03-00.txt +++ /dev/null @@ -1,430 +0,0 @@ -[' 10.0.0-M1 to 10.0.26'] -[' 10.1.0-M1 to 10.1.1'] -[' 10.1.0-M1 to 10.1.0'] -[' 10.0.0-M1 to 10.0.22'] -[' 10.1.0-M1 to 10.1.0-M16'] -[' 10.0.0-M1 to 10.0.20'] -[' 10.1.0-M1 to 10.1.0-M14'] -[' 10.0.0-M1 to 10.0.18'] -[' 10.1.0-M1 to 10.1.0-M12'] -[' 10.0.0-M5 to 10.0.14'] -[' 10.1.0-M1 to 10.1.0-M8'] -[' 10.0.0-M10 to 10.0.11'] -[' 10.1.0-M1 to 10.1.0-M5'] -[' 10.0.0-M1 to 10.0.6'] -[' 10.0.0-M1 to 10.0.5'] -[' 10.0.3 to 10.0.4'] -[' 10.0.0-M1 to 10.0.2'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0-M9'] -[' 10.0.0-M1 to 10.0.0-M9'] -[' 10.0.0-M1 to 10.0.0-M7'] -[' 10.0.0-M1 to 10.0.0-M6'] -[' 10.0.0-M1 to 10.0.0-M6'] -[' 10.0.0-M1 to 10.0.0-M5'] -[' 10.0.0-M1 to 10.0.0-M4'] -[' 9.0.40 to 9.0.68'] -[' 9.0.0-M1 to 9.0.67'] -[' 9.0.30 to 9.0.64'] -[' 9.0.13 to 9.0.62'] -[' 9.0.0-M1 to 9.0.60'] -[' 9.0.35 to 9.0.56'] -[' 9.0.40 to 9.0.53'] -[' 9.0.0.M1 to 9.0.46'] -[' 9.0.0.M1 to 9.0.45'] -[' 9.0.44'] -[' 9.0.0-M1 to 9.0.43'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.39'] -[' 9.0.0-M1 to 9.0.39'] -[' 9.0.0.M1 to 9.0.37'] -[' 9.0.0.M1 to 9.0.36'] -[' 9.0.0.M5 to 9.0.36'] -[' 9.0.0.M1 to 9.0.35'] -[' 9.0.0.M1 to 9.0.34'] -[' 9.0.0.M1 to 9.0.30'] -[' 9.0.0.M1 to 9.0.30'] -[' 9.0.28 to 9.0.30'] -[' 9.0.0.M1 to 9.0.29'] -[' 9.0.0.M1 to 9.0.28'] -[' 9.0.0.M1 to 9.0.20'] -[' 9.0.0.M1 to 9.0.19'] -[' 9.0.0.M1 to 9.0.17'] -[' 9.0.0.M1 to 9.0.17'] -[' 9.0.0.M1 to 9.0.14'] -[' 9.0.0.M1 to 9.0.11'] -[' 9.0.0.M1 to 9.0.9'] -[' 9.0.0.M9 to 9.0.9'] -[] -[' 9.0.0.M1 to 9.0.7'] -[' 9.0.0.M1 to 9.0.4'] -[' 9.0.0.M1 to 9.0.4'] -[' 9.0.0.M22 to 9.0.1'] -[' 9.0.0.M1 to 9.0.0'] -[' 9.0.0.M1 to 9.0.0.M21'] -[' 9.0.0.M1 to 9.0.0.M21'] -[' 9.0.0.M1 to 9.0.0.M20'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M17'] -[' 9.0.0.M11 to 9.0.0.M15'] -[' 9.0.0.M1 to 9.0.0.M13'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M6'] -[' 9.0.0.M1 to 9.0.0.M2'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 8.5.83'] -[' 8.5.0 to 8.5.82'] -[' 8.5.50 to 8.5.81'] -[' 8.5.38 to 8.5.78'] -[' 8.5.0 to 8.5.77'] -[' 8.5.0 to 8.5.75'] -[' 8.5.55 to 8.5.73'] -[' 8.5.60 to 8.5.71'] -[' 8.5.0 to 8.5.66'] -[' 8.5.0 to 8.5.65'] -[' 8.5.64'] -[' 8.5.0 to 8.5.63'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.59'] -[' 8.5.0 to 8.5.59'] -[' 8.5.0 to 8.5.57'] -[' 8.5.0 to 8.5.56'] -[' 8.5.1 to 8.5.56'] -[' 8.5.0 to 8.5.55'] -[' 8.5.0 to 8.5.54'] -[' 8.5.0 to 8.5.50'] -[' 8.5.0 to 8.5.50'] -[' 8.5.48 to 8.5.50'] -[' 8.5.0 to 8.5.49'] -[' 8.5.0 to 8.5.47'] -[' 8.5.0 to 8.5.40'] -[' 8.5.0 to 8.5.39'] -[' 8.5.0 to 8.5.39'] -[' 8.5.0 to 8.5.37'] -[' 8.5.0 to 8.5.33'] -[' 8.0.0.RC1 to 8.0.52'] -[] -[' 8.5.5 to 8.5.31'] -[' 8.5.0 to 8.5.31'] -[] -[' 8.0.0.RC1 to 8.0.51'] -[' 8.5.0 to 8.5.30'] -[' 8.0.0.RC1 to 8.0.49'] -[' 8.0.0.RC1 to 8.0.49'] -[' 8.5.0 to 8.5.27'] -[' 8.5.0 to 8.5.27'] -[' 8.0.45 to 8.0.47'] -[' 8.5.16 to 8.5.23'] -[' 8.0.0.RC1 to 8.0.46'] -[' 8.5.0 to 8.5.22'] -[' 8.0.0.RC1 to 8.0.44'] -[' 8.5.0 to 8.5.15'] -[' 8.5.0 to 8.5.15'] -[' 8.0.0.RC1 to 8.0.43'] -[' 8.5.0 to 8.5.14'] -[' 8.0.0.RC1 to 8.0.42'] -[' 8.5.0 to 8.5.12'] -[' 8.5.0 to 8.5.12'] -[' 8.5.0 to 8.5.12'] -[' 8.0.0.RC1 to 8.0.41'] -[' 8.5.0 to 8.5.11'] -[' 8.0.0.RC1 to 8.0.39'] -[' 8.5.7 to 8.5.9'] -[' 8.5.0 to 8.5.8'] -[' 8.0.0.RC1 to 8.0.38'] -[' 8.0.0.RC1 to 8.0.38'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.29'] -[' 8.0.0-RC1 to 8.0.26'] -[' 8.0.0-RC1 to 8.0.15'] -[' 8.0.0-RC1 to 8.0.8'] -[' 8.0.0-RC1 to 8.0.8'] -[' 8.0.0-RC1 to 8.0.5'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC2 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.1'] -[' 8.0.0-RC1 to 8.0.0-RC5'] -[' 8.0.0-RC1 to 8.0.0-RC5'] -[' 8.0.0-RC1'] -[' 7.0.0 to 7.0.108'] -[' 7.0.0 to 7.0.107'] -[' 7.0.0 to 7.0.107'] -[' 7.0.0 to 7.0.106'] -[' 7.0.27 to 7.0.104'] -[' 7.0.0 to 7.0.103'] -[' 7.0.0 to 7.0.99'] -[' 7.0.0 to 7.0.99'] -[' 7.0.98 to 7.0.99'] -[' 7.0.0 to 7.0.98'] -[' 7.0.0 to 7.0.97'] -[' 7.0.0 to 7.0.93'] -[' 7.0.0 to 7.0.93'] -[' 7.0.23 to 7.0.90'] -[' 7.0.25 to 7.0.88'] -[] -[' 7.0.28 to 7.0.88'] -[' 7.0.0 to 7.0.84'] -[' 7.0.0 to 7.0.84'] -[' 7.0.79 to 7.0.82'] -[' 7.0.0 to 7.0.81'] -[' 7.0.0 to 7.0.80'] -[' 7.0.0 to 7.0.79'] -[' 7.0.41 to 7.0.78'] -[' 7.0.0 to 7.0.77'] -[' 7.0.0 to 7.0.76'] -[' 7.0.0 to 7.0.75'] -[' 7.0.0 to 7.0.73'] -[' 7.0.0 to 7.0.72'] -[' 7.0.0 to 7.0.72'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.69'] -[' 7.0.0 to 7.0.67'] -[' 7.0.1 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.5 to 7.0.65'] -[' 7.0.0 to 7.0.64'] -[' 7.0.0 to 7.0.57'] -[' 7.0.0 to 7.0.54'] -[' 7.0.0 to 7.0.54'] -[' 7.0.0-7.0.53'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.50'] -[' 7.0.0 to 7.0.47'] -[' 7.0.0 to 7.0.47'] -[' 7.0.0 to 7.0.42'] -[' 7.0.0-7.0.39'] -[' 7.0.0 to 7.0.39'] -[' 7.0.0-7.0.32'] -[' 7.0.0-7.0.31'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.27'] -[' 7.0.0-7.0.27'] -[' 7.0.0-7.0.22'] -[' 7.0.0-7.0.21'] -[' 7.0.0-7.0.21'] -[' 7.0.0-7.0.20'] -[' 7.0.0-7.0.19'] -[' 7.0.0-7.0.18'] -[' 7.0.0-7.0.16'] -[' 7.0.0-7.0.16'] -[' 7.0.12-7.0.13'] -[' 7.0.0-7.0.11'] -[' 7.0.0-7.0.11'] -[' 7.0.11'] -[' 7.0.0-7.0.10'] -[' 7.0.0-7.0.6'] -[' 7.0.0-7.0.5'] -[' 7.0.0-7.0.4'] -[' 7.0.0-7.0.3'] -[' 7.0.0'] -[' 6.0.0 to 6.0.52'] -[' 6.0.16 to 6.0.48'] -[' 6.0.0 to 6.0.47'] -[' 6.0.0 to 6.0.47'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.43'] -[' 6.0.0 to 6.0.43'] -[' 6.0.0 to 6.0.41'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.33 to 6.0.37'] -[' 6.0.21-6.0.36'] -[' 6.0.0-6.0.36'] -[' 6.0.0-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.30-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.30-6.0.33'] -[' 6.0.0-6.0.33'] -[' 6.0.0-6.0.33'] -[' 6.0.0-6.0.32'] -[' 6.0.0-6.0.32'] -[' 6.0.0-6.0.32'] -[' 6.0.30-6.0.32'] -[' 6.0.0-6.0.30'] -[' 6.0.0-6.0.29'] -[' 6.0.12-6.0.29'] -[' 6.0.0-6.0.29'] -[' 6.0.0-6.0.27'] -[' 6.0.0-6.0.26'] -[' 6.0.0-6.0.20'] -[' 6.0.0-6.0.20 (Windows only)'] -[' 6.0.0-6.0.20'] -[' 6.0.0-6.0.20'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.14'] -[' 6.0.0-6.0.15'] -[' 6.0.0-6.0.14'] -[' 6.0.0-6.0.15'] -[' 6.0.5-6.0.15'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.10'] -[' 6.0.0-6.0.10'] -[' 6.0.0-6.0.9'] -[' 6.0.0-6.0.8'] -[' 6.0.0-6.0.5'] -[' 5.5.0-5.5.35'] -[' 5.5.0-5.5.34'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.32-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.31'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.28'] -[' 5.5.0-5.5.28 (Windows only)'] -[' 5.5.0-5.5.28'] -[' 5.5.0-5.5.28'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27 (Memory Realm), 5.5.0-5.5.5 (DataSource and JDBC\n Realms)'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.26'] -[' 5.5.9-5.5.26'] -[' 5.5.0-5.5.26'] -[' 5.5.0-5.5.25'] -[' 5.5.9-5.5.25'] -[' 5.5.0-5.5.25'] -[' 5.5.11-5.5.25'] -[' 5.0.0-5.0.30, 5.5.0-5.5.24'] -[' 5.0.0-5.0.30, 5.5.0-5.5.24'] -[' 5.0.0-5.0.30, 5.5.0-5.5.24'] -[' 5.0.0-5.0.30, 5.5.0-5.5.24'] -[' 5.5.0-5.5.24'] -[' 5.0.0-5.0.30, 5.5.0-5.5.23'] -[' 5.0.0-5.0.30, 5.5.0-5.5.22'] -[' 5.0.0-5.0.30, 5.5.0-5.5.21'] -[' 5.0.0-5.0.30, 5.5.0-5.5.20'] -[' 5.0.0-5.0.SVN, 5.5.0-5.5.20'] -[' 5.5.10-5.5.20 (5.0.x unknown)'] -[' 5.0.0-5.0.30, 5.5.0-5.5.17'] -[' 5.0.0-5.0.30, 5.5.0-5.5.16'] -[' 5.0.0-5.0.30, 5.5.0-5.5.15'] -[' 5.0.0-5.0.30, 5.5.0-5.5.12'] -[' 5.0.0-5.0.30, 5.5.0-5.5.12'] -[' 5.0.0-5.0.30, 5.5.0-5.5.6'] -[' 5.5.0 (5.0.x unknown)'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.39 (Memory Realm), 4.1.0-4.1.31 (JDBC Realm),\n 4.1.17-4.1.31 (DataSource Realm)'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.37'] -[' 4.1.0-4.1.37'] -[' 4.1.0-4.1.37'] -[' 4.0.1-4.0.6, 4.1.0-4.1.36'] -[' 4.0.1-4.0.6, 4.1.0-4.1.36'] -[' 4.0.0-4.0.6, 4.1.0-4.1.36'] -[' 4.0.1-4.0.6, 4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.0.0-4.0.6, 4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.0.0-4.0.6, 4.1.0-4.1.36'] -[' 4.0.0-4.0.6, 4.1.0-4.1.34'] -[' 4.0.0-4.0.6, 4.1.0-4.1.34'] -[' 4.0.0-4.0.6, 4.1.0-4.1.34'] -[' 4.1.32-4.1.34 (4.0.x unknown)'] -[' 4.1.0-4.1.31'] -[' 4.1.28-4.1.31'] -[' 4.0.0-4.0.6, 4.1.0-4.1.31'] -[' 4.0.0-4.0.6, 4.1.0-4.1.31'] -[' 4.0.0-4.0.6, 4.1.0-4.1.31'] -[' 4.0.0-4.0.6, 4.1.0-4.1.31'] -[' 4.1.0-4.1.28'] -[' 4.0.0-4.0.5, 4.1.0-4.1.12'] -[' 4.0.0-4.0.5, 4.1.0-4.1.12'] -[' 4.0.0-4.0.4, 4.1.0-4.1.11'] -[' 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2?'] -[' 4.0.0-4.0.6'] -[' 4.0.0-4.0.6'] -[' 4.0.0-4.0.1'] -[' 4.0.0-4.0.1'] -[' Pre-release builds of 4.0.0'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1a'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a'] -[' 3.2.3-3.2.4'] -['3.1-3.1.1, 3.2-3.2.4'] -['3.1-3.1.1, 3.2-3.2.4'] -[' 3.2?, 3.2.1, 3.2.2-3.2.3?'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.1'] -[' 3.0, 3.1-3.1.1, 3.2-3.2.1'] -[' 3.1'] -[' 3.1'] -[' 3.0'] diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-04-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-04-00.txt deleted file mode 100644 index 4630ade9a..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affected_versions-2023-01-04-00.txt +++ /dev/null @@ -1,452 +0,0 @@ -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.34'] -['9.0.0.M1 to 9.0.8'] -[' 8.5.0 to 8.5.2', '8.0.0.RC1 to 8.0.35'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -['5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -['4.1.15-4.1.SVN'] -['4.1.32-4.1.34'] -['4.0.0-4.0.2', '4.0.3', '4.0.4-4.0.6', '4.1.0-4.1.2'] -[' 3.2.3-3.2.4'] -['3.1-3.1.1', '3.2-3.2.4'] -['3.1-3.1.1', '3.2-3.2.4'] -[' 10.0.0-M1 to 10.0.26'] -[' 10.1.0-M1 to 10.1.1'] -[' 10.1.0-M1 to 10.1.0'] -[' 10.0.0-M1 to 10.0.22'] -[' 10.1.0-M1 to 10.1.0-M16'] -[' 10.0.0-M1 to 10.0.20'] -[' 10.1.0-M1 to 10.1.0-M14'] -[' 10.0.0-M1 to 10.0.18'] -[' 10.1.0-M1 to 10.1.0-M12'] -[' 10.0.0-M5 to 10.0.14'] -[' 10.1.0-M1 to 10.1.0-M8'] -[' 10.0.0-M10 to 10.0.11'] -[' 10.1.0-M1 to 10.1.0-M5'] -[' 10.0.0-M1 to 10.0.6'] -[' 10.0.0-M1 to 10.0.5'] -[' 10.0.3 to 10.0.4'] -[' 10.0.0-M1 to 10.0.2'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0'] -[' 10.0.0-M1 to 10.0.0-M9'] -[' 10.0.0-M1 to 10.0.0-M9'] -[' 10.0.0-M1 to 10.0.0-M7'] -[' 10.0.0-M1 to 10.0.0-M6'] -[' 10.0.0-M1 to 10.0.0-M6'] -[' 10.0.0-M1 to 10.0.0-M5'] -[' 10.0.0-M1 to 10.0.0-M4'] -[' 9.0.40 to 9.0.68'] -[' 9.0.0-M1 to 9.0.67'] -[' 9.0.30 to 9.0.64'] -[' 9.0.13 to 9.0.62'] -[' 9.0.0-M1 to 9.0.60'] -[' 9.0.35 to 9.0.56'] -[' 9.0.40 to 9.0.53'] -[' 9.0.0.M1 to 9.0.46'] -[' 9.0.0.M1 to 9.0.45'] -[' 9.0.44'] -[' 9.0.0-M1 to 9.0.43'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.41'] -[' 9.0.0.M1 to 9.0.39'] -[' 9.0.0-M1 to 9.0.39'] -[' 9.0.0.M1 to 9.0.37'] -[' 9.0.0.M1 to 9.0.36'] -[' 9.0.0.M5 to 9.0.36'] -[' 9.0.0.M1 to 9.0.35'] -[' 9.0.0.M1 to 9.0.34'] -[' 9.0.0.M1 to 9.0.30'] -[' 9.0.0.M1 to 9.0.30'] -[' 9.0.28 to 9.0.30'] -[' 9.0.0.M1 to 9.0.29'] -[' 9.0.0.M1 to 9.0.28'] -[' 9.0.0.M1 to 9.0.20'] -[' 9.0.0.M1 to 9.0.19'] -[' 9.0.0.M1 to 9.0.17'] -[' 9.0.0.M1 to 9.0.17'] -[' 9.0.0.M1 to 9.0.14'] -[' 9.0.0.M1 to 9.0.11'] -[' 9.0.0.M1 to 9.0.9'] -[' 9.0.0.M9 to 9.0.9'] -['9.0.0.M1 to 9.0.8'] -[' 9.0.0.M1 to 9.0.7'] -[' 9.0.0.M1 to 9.0.4'] -[' 9.0.0.M1 to 9.0.4'] -[' 9.0.0.M22 to 9.0.1'] -[' 9.0.0.M1 to 9.0.0'] -[' 9.0.0.M1 to 9.0.0.M21'] -[' 9.0.0.M1 to 9.0.0.M21'] -[' 9.0.0.M1 to 9.0.0.M20'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M18'] -[' 9.0.0.M1 to 9.0.0.M17'] -[' 9.0.0.M11 to 9.0.0.M15'] -[' 9.0.0.M1 to 9.0.0.M13'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M11'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M9'] -[' 9.0.0.M1 to 9.0.0.M6'] -[' 9.0.0.M1 to 9.0.0.M2'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 9.0.0.M1'] -[' 8.5.83'] -[' 8.5.0 to 8.5.82'] -[' 8.5.50 to 8.5.81'] -[' 8.5.38 to 8.5.78'] -[' 8.5.0 to 8.5.77'] -[' 8.5.0 to 8.5.75'] -[' 8.5.55 to 8.5.73'] -[' 8.5.60 to 8.5.71'] -[' 8.5.0 to 8.5.66'] -[' 8.5.0 to 8.5.65'] -[' 8.5.64'] -[' 8.5.0 to 8.5.63'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.61'] -[' 8.5.0 to 8.5.59'] -[' 8.5.0 to 8.5.59'] -[' 8.5.0 to 8.5.57'] -[' 8.5.0 to 8.5.56'] -[' 8.5.1 to 8.5.56'] -[' 8.5.0 to 8.5.55'] -[' 8.5.0 to 8.5.54'] -[' 8.5.0 to 8.5.50'] -[' 8.5.0 to 8.5.50'] -[' 8.5.48 to 8.5.50'] -[' 8.5.0 to 8.5.49'] -[' 8.5.0 to 8.5.47'] -[' 8.5.0 to 8.5.40'] -[' 8.5.0 to 8.5.39'] -[' 8.5.0 to 8.5.39'] -[' 8.5.0 to 8.5.37'] -[' 8.5.0 to 8.5.33'] -[' 8.0.0.RC1 to 8.0.52'] -['8.0.0.RC1 to 8.0.52'] -[' 8.5.5 to 8.5.31'] -[' 8.5.0 to 8.5.31'] -['8.5.0 to 8.5.31'] -[' 8.0.0.RC1 to 8.0.51'] -[' 8.5.0 to 8.5.30'] -[' 8.0.0.RC1 to 8.0.49'] -[' 8.0.0.RC1 to 8.0.49'] -[' 8.5.0 to 8.5.27'] -[' 8.5.0 to 8.5.27'] -[' 8.0.45 to 8.0.47'] -[' 8.5.16 to 8.5.23'] -[' 8.0.0.RC1 to 8.0.46'] -[' 8.5.0 to 8.5.22'] -[' 8.0.0.RC1 to 8.0.44'] -[' 8.5.0 to 8.5.15'] -[' 8.5.0 to 8.5.15'] -[' 8.0.0.RC1 to 8.0.43'] -[' 8.5.0 to 8.5.14'] -[' 8.0.0.RC1 to 8.0.42'] -[' 8.5.0 to 8.5.12'] -[' 8.5.0 to 8.5.12'] -[' 8.5.0 to 8.5.12'] -[' 8.0.0.RC1 to 8.0.41'] -[' 8.5.0 to 8.5.11'] -[' 8.0.0.RC1 to 8.0.39'] -[' 8.5.7 to 8.5.9'] -[' 8.5.0 to 8.5.8'] -[' 8.0.0.RC1 to 8.0.38'] -[' 8.0.0.RC1 to 8.0.38'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.6'] -[' 8.5.0 to 8.5.4', '8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4', '8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4', '8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4', '8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.4', '8.0.0.RC1 to 8.0.36'] -[' 8.5.0 to 8.5.2', '8.0.0.RC1 to 8.0.35'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.30'] -[' 8.0.0.RC1 to 8.0.29'] -[' 8.0.0-RC1 to 8.0.26'] -[' 8.0.0-RC1 to 8.0.15'] -[' 8.0.0-RC1 to 8.0.8'] -[' 8.0.0-RC1 to 8.0.8'] -[' 8.0.0-RC1 to 8.0.5'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC2 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.3'] -[' 8.0.0-RC1 to 8.0.1'] -[' 8.0.0-RC1 to 8.0.0-RC5'] -[' 8.0.0-RC1 to 8.0.0-RC5'] -[' 8.0.0-RC1'] -[' 7.0.0 to 7.0.108'] -[' 7.0.0 to 7.0.107'] -[' 7.0.0 to 7.0.107'] -[' 7.0.0 to 7.0.106'] -[' 7.0.27 to 7.0.104'] -[' 7.0.0 to 7.0.103'] -[' 7.0.0 to 7.0.99'] -[' 7.0.0 to 7.0.99'] -[' 7.0.98 to 7.0.99'] -[' 7.0.0 to 7.0.98'] -[' 7.0.0 to 7.0.97'] -[' 7.0.0 to 7.0.93'] -[' 7.0.0 to 7.0.93'] -[' 7.0.23 to 7.0.90'] -[' 7.0.25 to 7.0.88'] -['7.0.41 to 7.0.88'] -['7.0.28 to 7.0.86'] -[' 7.0.0 to 7.0.84'] -[' 7.0.0 to 7.0.84'] -[' 7.0.79 to 7.0.82'] -[' 7.0.0 to 7.0.81'] -[' 7.0.0 to 7.0.80'] -[' 7.0.0 to 7.0.79'] -[' 7.0.41 to 7.0.78'] -[' 7.0.0 to 7.0.77'] -[' 7.0.0 to 7.0.76'] -[' 7.0.0 to 7.0.75'] -[' 7.0.0 to 7.0.73'] -[' 7.0.0 to 7.0.72'] -[' 7.0.0 to 7.0.72'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.70'] -[' 7.0.0 to 7.0.69'] -[' 7.0.0 to 7.0.67'] -[' 7.0.1 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.0 to 7.0.67'] -[' 7.0.5 to 7.0.65'] -[' 7.0.0 to 7.0.64'] -[' 7.0.0 to 7.0.57'] -[' 7.0.0 to 7.0.54'] -[' 7.0.0 to 7.0.54'] -[' 7.0.0-7.0.53'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.52'] -[' 7.0.0-7.0.50'] -[' 7.0.0 to 7.0.47'] -[' 7.0.0 to 7.0.47'] -[' 7.0.0 to 7.0.42'] -[' 7.0.0-7.0.39'] -[' 7.0.0 to 7.0.39'] -[' 7.0.0-7.0.32'] -[' 7.0.0-7.0.31'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.29'] -[' 7.0.0-7.0.27'] -[' 7.0.0-7.0.27'] -[' 7.0.0-7.0.22'] -[' 7.0.0-7.0.21'] -[' 7.0.0-7.0.21'] -[' 7.0.0-7.0.20'] -[' 7.0.0-7.0.19'] -[' 7.0.0-7.0.18'] -[' 7.0.0-7.0.16'] -[' 7.0.0-7.0.16'] -[' 7.0.12-7.0.13'] -[' 7.0.0-7.0.11'] -[' 7.0.0-7.0.11'] -[' 7.0.11'] -[' 7.0.0-7.0.10'] -[' 7.0.0-7.0.6'] -[' 7.0.0-7.0.5'] -[' 7.0.0-7.0.4'] -[' 7.0.0-7.0.3'] -[' 7.0.0'] -[' 6.0.0 to 6.0.52'] -[' 6.0.16 to 6.0.48'] -[' 6.0.0 to 6.0.47'] -[' 6.0.0 to 6.0.47'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.45'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.44'] -[' 6.0.0 to 6.0.43'] -[' 6.0.0 to 6.0.43'] -[' 6.0.0 to 6.0.41'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.39'] -[' 6.0.0-6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.0 to 6.0.37'] -[' 6.0.33 to 6.0.37'] -[' 6.0.21-6.0.36'] -[' 6.0.0-6.0.36'] -[' 6.0.0-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.30-6.0.35'] -[' 6.0.0-6.0.35'] -[' 6.0.30-6.0.33'] -[' 6.0.0-6.0.33'] -[' 6.0.0-6.0.33'] -[' 6.0.0-6.0.32'] -[' 6.0.0-6.0.32'] -[' 6.0.0-6.0.32'] -[' 6.0.30-6.0.32'] -[' 6.0.0-6.0.30'] -[' 6.0.0-6.0.29'] -[' 6.0.12-6.0.29'] -[' 6.0.0-6.0.29'] -[' 6.0.0-6.0.27'] -[' 6.0.0-6.0.26'] -[' 6.0.0-6.0.20'] -['6.0.0-6.0.20'] -[' 6.0.0-6.0.20'] -[' 6.0.0-6.0.20'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.18'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.16'] -[' 6.0.0-6.0.14'] -[' 6.0.0-6.0.15'] -[' 6.0.0-6.0.14'] -[' 6.0.0-6.0.15'] -[' 6.0.5-6.0.15'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.13'] -[' 6.0.0-6.0.10'] -[' 6.0.0-6.0.10'] -[' 6.0.0-6.0.9'] -[' 6.0.0-6.0.8'] -[' 6.0.0-6.0.5'] -[' 5.5.0-5.5.35'] -[' 5.5.0-5.5.34'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.32-5.5.33'] -[' 5.5.0-5.5.33'] -[' 5.5.0-5.5.31'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.29'] -[' 5.5.0-5.5.28'] -['5.5.0-5.5.28'] -[' 5.5.0-5.5.28'] -[' 5.5.0-5.5.28'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -['5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.27'] -[' 5.5.0-5.5.26'] -[' 5.5.9-5.5.26'] -[' 5.5.0-5.5.26'] -[' 5.5.0-5.5.25'] -[' 5.5.9-5.5.25'] -[' 5.5.0-5.5.25'] -[' 5.5.11-5.5.25'] -[' 5.0.0-5.0.30', '5.5.0-5.5.24'] -[' 5.0.0-5.0.30', '5.5.0-5.5.24'] -[' 5.0.0-5.0.30', '5.5.0-5.5.24'] -[' 5.0.0-5.0.30', '5.5.0-5.5.24'] -[' 5.5.0-5.5.24'] -[' 5.0.0-5.0.30', '5.5.0-5.5.23'] -[' 5.0.0-5.0.30', '5.5.0-5.5.22'] -[' 5.0.0-5.0.30', '5.5.0-5.5.21'] -[' 5.0.0-5.0.30', '5.5.0-5.5.20'] -[' 5.0.0-5.0.SVN', '5.5.0-5.5.20'] -['5.5.10-5.5.20'] -[' 5.0.0-5.0.30', '5.5.0-5.5.17'] -[' 5.0.0-5.0.30', '5.5.0-5.5.16'] -[' 5.0.0-5.0.30', '5.5.0-5.5.15'] -[' 5.0.0-5.0.30', '5.5.0-5.5.12'] -[' 5.0.0-5.0.30', '5.5.0-5.5.12'] -[' 5.0.0-5.0.30', '5.5.0-5.5.6'] -['5.5.0'] -['4.1.15-4.1.SVN'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.39'] -['4.1.0-4.1.39'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.39'] -[' 4.1.0-4.1.37'] -[' 4.1.0-4.1.37'] -[' 4.1.0-4.1.37'] -[' 4.0.1-4.0.6', '4.1.0-4.1.36'] -[' 4.0.1-4.0.6', '4.1.0-4.1.36'] -[' 4.0.0-4.0.6', '4.1.0-4.1.36'] -[' 4.0.1-4.0.6', '4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.0.0-4.0.6', '4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.1.0-4.1.36'] -[' 4.0.0-4.0.6', '4.1.0-4.1.36'] -[' 4.0.0-4.0.6', '4.1.0-4.1.34'] -[' 4.0.0-4.0.6', '4.1.0-4.1.34'] -[' 4.0.0-4.0.6', '4.1.0-4.1.34'] -['4.1.32-4.1.34'] -[' 4.1.0-4.1.31'] -[' 4.1.28-4.1.31'] -[' 4.0.0-4.0.6', '4.1.0-4.1.31'] -[' 4.0.0-4.0.6', '4.1.0-4.1.31'] -[' 4.0.0-4.0.6', '4.1.0-4.1.31'] -[' 4.0.0-4.0.6', '4.1.0-4.1.31'] -[' 4.1.0-4.1.28'] -[' 4.0.0-4.0.5', '4.1.0-4.1.12'] -[' 4.0.0-4.0.5', '4.1.0-4.1.12'] -[' 4.0.0-4.0.4', '4.1.0-4.1.11'] -['4.0.0-4.0.2', '4.0.3', '4.0.4-4.0.6', '4.1.0-4.1.2'] -[' 4.0.0-4.0.6'] -[' 4.0.0-4.0.6'] -[' 4.0.0-4.0.1'] -[' 4.0.0-4.0.1'] -['<4.0.0'] -['3.0', '3.1-3.1.1', '3.2-3.2.4', '3.3a-3.3.2'] -['3.3-3.3.2'] -['3.3-3.3.2'] -['3.3-3.3.2'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.4', '3.3a-3.3.1a'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.4', '3.3a-3.3.1'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.4', '3.3a-3.3.1'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.4', '3.3a'] -[' 3.2.3-3.2.4'] -['3.1-3.1.1', '3.2-3.2.4'] -['3.1-3.1.1', '3.2-3.2.4'] -['3.2', '3.2.1', '3.2.2-3.2.3'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.1'] -[' 3.0', '3.1-3.1.1', '3.2-3.2.1'] -[' 3.1'] -[' 3.1'] -[' 3.0'] diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-03-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-03-00.txt deleted file mode 100644 index 7f7f0cf44..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-03-00.txt +++ /dev/null @@ -1,422 +0,0 @@ -Affects: 10.0.0-M1 to 10.0.26 -Affects: 10.1.0-M1 to 10.1.1 -Affects: 10.1.0-M1 to 10.1.0 -Affects: 10.0.0-M1 to 10.0.22 -Affects: 10.1.0-M1 to 10.1.0-M16 -Affects: 10.0.0-M1 to 10.0.20 -Affects: 10.1.0-M1 to 10.1.0-M14 -Affects: 10.0.0-M1 to 10.0.18 -Affects: 10.1.0-M1 to 10.1.0-M12 -Affects: 10.0.0-M5 to 10.0.14 -Affects: 10.1.0-M1 to 10.1.0-M8 -Affects: 10.0.0-M10 to 10.0.11 -Affects: 10.1.0-M1 to 10.1.0-M5 -Affects: 10.0.0-M1 to 10.0.6 -Affects: 10.0.0-M1 to 10.0.5 -Affects: 10.0.3 to 10.0.4 -Affects: 10.0.0-M1 to 10.0.2 -Affects: 10.0.0-M1 to 10.0.0 -Affects: 10.0.0-M1 to 10.0.0 -Affects: 10.0.0-M1 to 10.0.0-M9 -Affects: 10.0.0-M1 to 10.0.0-M9 -Affects: 10.0.0-M1 to 10.0.0-M7 -Affects: 10.0.0-M1 to 10.0.0-M6 -Affects: 10.0.0-M1 to 10.0.0-M6 -Affects: 10.0.0-M1 to 10.0.0-M5 -Affects: 10.0.0-M1 to 10.0.0-M4 -Affects: 9.0.40 to 9.0.68 -Affects: 9.0.0-M1 to 9.0.67 -Affects: 9.0.30 to 9.0.64 -Affects: 9.0.13 to 9.0.62 -Affects: 9.0.0-M1 to 9.0.60 -Affects: 9.0.35 to 9.0.56 -Affects: 9.0.40 to 9.0.53 -Affects: 9.0.0.M1 to 9.0.46 -Affects: 9.0.0.M1 to 9.0.45 -Affects: 9.0.44 -Affects: 9.0.0-M1 to 9.0.43 -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.39 -Affects: 9.0.0-M1 to 9.0.39 -Affects: 9.0.0.M1 to 9.0.37 -Affects: 9.0.0.M1 to 9.0.36 -Affects: 9.0.0.M5 to 9.0.36 -Affects: 9.0.0.M1 to 9.0.35 -Affects: 9.0.0.M1 to 9.0.34 -Affects: 9.0.0.M1 to 9.0.30 -Affects: 9.0.0.M1 to 9.0.30 -Affects: 9.0.28 to 9.0.30 -Affects: 9.0.0.M1 to 9.0.29 -Affects: 9.0.0.M1 to 9.0.28 -Affects: 9.0.0.M1 to 9.0.20 -Affects: 9.0.0.M1 to 9.0.19 -Affects: 9.0.0.M1 to 9.0.17 -Affects: 9.0.0.M1 to 9.0.17 -Affects: 9.0.0.M1 to 9.0.14 -Affects: 9.0.0.M1 to 9.0.11 -Affects: 9.0.0.M1 to 9.0.9 -Affects: 9.0.0.M9 to 9.0.9 -Affects: 9.0.0.M1 to 9.0.7 -Affects: 9.0.0.M1 to 9.0.4 -Affects: 9.0.0.M1 to 9.0.4 -Affects: 9.0.0.M22 to 9.0.1 -Affects: 9.0.0.M1 to 9.0.0 -Affects: 9.0.0.M1 to 9.0.0.M21 -Affects: 9.0.0.M1 to 9.0.0.M21 -Affects: 9.0.0.M1 to 9.0.0.M20 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M17 -Affects: 9.0.0.M11 to 9.0.0.M15 -Affects: 9.0.0.M1 to 9.0.0.M13 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M6 -Affects: 9.0.0.M1 to 9.0.0.M2 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 8.5.83 -Affects: 8.5.0 to 8.5.82 -Affects: 8.5.50 to 8.5.81 -Affects: 8.5.38 to 8.5.78 -Affects: 8.5.0 to 8.5.77 -Affects: 8.5.0 to 8.5.75 -Affects: 8.5.55 to 8.5.73 -Affects: 8.5.60 to 8.5.71 -Affects: 8.5.0 to 8.5.66 -Affects: 8.5.0 to 8.5.65 -Affects: 8.5.64 -Affects: 8.5.0 to 8.5.63 -Affects: 8.5.0 to 8.5.61 -Affects: 8.5.0 to 8.5.61 -Affects: 8.5.0 to 8.5.59 -Affects: 8.5.0 to 8.5.59 -Affects: 8.5.0 to 8.5.57 -Affects: 8.5.0 to 8.5.56 -Affects: 8.5.1 to 8.5.56 -Affects: 8.5.0 to 8.5.55 -Affects: 8.5.0 to 8.5.54 -Affects: 8.5.0 to 8.5.50 -Affects: 8.5.0 to 8.5.50 -Affects: 8.5.48 to 8.5.50 -Affects: 8.5.0 to 8.5.49 -Affects: 8.5.0 to 8.5.47 -Affects: 8.5.0 to 8.5.40 -Affects: 8.5.0 to 8.5.39 -Affects: 8.5.0 to 8.5.39 -Affects: 8.5.0 to 8.5.37 -Affects: 8.5.0 to 8.5.33 -Affects: 8.0.0.RC1 to 8.0.52 -Affects: 8.5.5 to 8.5.31 -Affects: 8.5.0 to 8.5.31 -Affects: 8.0.0.RC1 to 8.0.51 -Affects: 8.5.0 to 8.5.30 -Affects: 8.0.0.RC1 to 8.0.49 -Affects: 8.0.0.RC1 to 8.0.49 -Affects: 8.5.0 to 8.5.27 -Affects: 8.5.0 to 8.5.27 -Affects: 8.0.45 to 8.0.47 -Affects: 8.5.16 to 8.5.23 -Affects: 8.0.0.RC1 to 8.0.46 -Affects: 8.5.0 to 8.5.22 -Affects: 8.0.0.RC1 to 8.0.44 -Affects: 8.5.0 to 8.5.15 -Affects: 8.5.0 to 8.5.15 -Affects: 8.0.0.RC1 to 8.0.43 -Affects: 8.5.0 to 8.5.14 -Affects: 8.0.0.RC1 to 8.0.42 -Affects: 8.5.0 to 8.5.12 -Affects: 8.5.0 to 8.5.12 -Affects: 8.5.0 to 8.5.12 -Affects: 8.0.0.RC1 to 8.0.41 -Affects: 8.5.0 to 8.5.11 -Affects: 8.0.0.RC1 to 8.0.39 -Affects: 8.5.7 to 8.5.9 -Affects: 8.5.0 to 8.5.8 -Affects: 8.0.0.RC1 to 8.0.38 -Affects: 8.0.0.RC1 to 8.0.38 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.29 -Affects: 8.0.0-RC1 to 8.0.26 -Affects: 8.0.0-RC1 to 8.0.15 -Affects: 8.0.0-RC1 to 8.0.8 -Affects: 8.0.0-RC1 to 8.0.8 -Affects: 8.0.0-RC1 to 8.0.5 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC2 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.1 -Affects: 8.0.0-RC1 to 8.0.0-RC5 -Affects: 8.0.0-RC1 to 8.0.0-RC5 -Affects: 8.0.0-RC1 -Affects: 7.0.0 to 7.0.108 -Affects: 7.0.0 to 7.0.107 -Affects: 7.0.0 to 7.0.106 -Affects: 7.0.27 to 7.0.104 -Affects: 7.0.0 to 7.0.103 -Affects: 7.0.0 to 7.0.99 -Affects: 7.0.0 to 7.0.99 -Affects: 7.0.98 to 7.0.99 -Affects: 7.0.0 to 7.0.98 -Affects: 7.0.0 to 7.0.97 -Affects: 7.0.0 to 7.0.93 -Affects: 7.0.0 to 7.0.93 -Affects: 7.0.23 to 7.0.90 -Affects: 7.0.25 to 7.0.88 -Affects: 7.0.28 to 7.0.88 -Affects: 7.0.0 to 7.0.84 -Affects: 7.0.0 to 7.0.84 -Affects: 7.0.79 to 7.0.82 -Affects: 7.0.0 to 7.0.81 -Affects: 7.0.0 to 7.0.80 -Affects: 7.0.0 to 7.0.79 -Affects: 7.0.41 to 7.0.78 -Affects: 7.0.0 to 7.0.77 -Affects: 7.0.0 to 7.0.76 -Affects: 7.0.0 to 7.0.75 -Affects: 7.0.0 to 7.0.73 -Affects: 7.0.0 to 7.0.72 -Affects: 7.0.0 to 7.0.72 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.69 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.1 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.5 to 7.0.65 -Affects: 7.0.0 to 7.0.64 -Affects: 7.0.0 to 7.0.57 -Affects: 7.0.0 to 7.0.54 -Affects: 7.0.0 to 7.0.54 -Affects: 7.0.0-7.0.53 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.50 -Affects: 7.0.0 to 7.0.47 -Affects: 7.0.0 to 7.0.47 -Affects: 7.0.0 to 7.0.42 -Affects: 7.0.0-7.0.39 -Affects: 7.0.0 to 7.0.39 -Affects: 7.0.0-7.0.32 -Affects: 7.0.0-7.0.31 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.27 -Affects: 7.0.0-7.0.27 -Affects: 7.0.0-7.0.22 -Affects: 7.0.0-7.0.21 -Affects: 7.0.0-7.0.21 -Affects: 7.0.0-7.0.20 -Affects: 7.0.0-7.0.19 -Affects: 7.0.0-7.0.18 -Affects: 7.0.0-7.0.16 -Affects: 7.0.0-7.0.16 -Affects: 7.0.12-7.0.13 -Affects: 7.0.0-7.0.11 -Affects: 7.0.0-7.0.11 -Affects: 7.0.11 -Affects: 7.0.0-7.0.10 -Affects: 7.0.0-7.0.6 -Affects: 7.0.0-7.0.5 -Affects: 7.0.0-7.0.4 -Affects: 7.0.0-7.0.3 -Affects: 7.0.0 -Affects: 6.0.0 to 6.0.52 -Affects: 6.0.16 to 6.0.48 -Affects: 6.0.0 to 6.0.47 -Affects: 6.0.0 to 6.0.47 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.43 -Affects: 6.0.0 to 6.0.43 -Affects: 6.0.0 to 6.0.41 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.33 to 6.0.37 -Affects: 6.0.21-6.0.36 -Affects: 6.0.0-6.0.36 -Affects: 6.0.0-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.30-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.30-6.0.33 -Affects: 6.0.0-6.0.33 -Affects: 6.0.0-6.0.33 -Affects: 6.0.0-6.0.32 -Affects: 6.0.0-6.0.32 -Affects: 6.0.0-6.0.32 -Affects: 6.0.30-6.0.32 -Affects: 6.0.0-6.0.30 -Affects: 6.0.0-6.0.29 -Affects: 6.0.12-6.0.29 -Affects: 6.0.0-6.0.29 -Affects: 6.0.0-6.0.27 -Affects: 6.0.0-6.0.26 -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.20 (Windows only) -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.14 -Affects: 6.0.0-6.0.15 -Affects: 6.0.0-6.0.14 -Affects: 6.0.0-6.0.15 -Affects: 6.0.5-6.0.15 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.10 -Affects: 6.0.0-6.0.10 -Affects: 6.0.0-6.0.9 -Affects: 6.0.0-6.0.8 -Affects: 6.0.0-6.0.5 -Affects: 5.5.0-5.5.35 -Affects: 5.5.0-5.5.34 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.32-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.31 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.28 (Windows only) -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 (Memory Realm), 5.5.0-5.5.5 (DataSource and JDBC - Realms) -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.26 -Affects: 5.5.9-5.5.26 -Affects: 5.5.0-5.5.26 -Affects: 5.5.0-5.5.25 -Affects: 5.5.9-5.5.25 -Affects: 5.5.0-5.5.25 -Affects: 5.5.11-5.5.25 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.23 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.22 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.21 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.20 -Affects: 5.0.0-5.0.SVN, 5.5.0-5.5.20 -Affects: 5.5.10-5.5.20 (5.0.x unknown) -Affects: 5.0.0-5.0.30, 5.5.0-5.5.17 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.16 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.15 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.12 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.12 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.6 -Affects: 5.5.0 (5.0.x unknown) -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 (Memory Realm), 4.1.0-4.1.31 (JDBC Realm), - 4.1.17-4.1.31 (DataSource Realm) -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.37 -Affects: 4.1.0-4.1.37 -Affects: 4.1.0-4.1.37 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.1.32-4.1.34 (4.0.x unknown) -Affects: 4.1.0-4.1.31 -Affects: 4.1.28-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.1.0-4.1.28 -Affects: 4.0.0-4.0.5, 4.1.0-4.1.12 -Affects: 4.0.0-4.0.5, 4.1.0-4.1.12 -Affects: 4.0.0-4.0.4, 4.1.0-4.1.11 -Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2? -Affects: 4.0.0-4.0.6 -Affects: 4.0.0-4.0.6 -Affects: 4.0.0-4.0.1 -Affects: Pre-release builds of 4.0.0 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1a -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a -Affects: 3.2.3-3.2.4 -Affects:3.1-3.1.1, 3.2-3.2.4 -Affects: 3.2?, 3.2.1, 3.2.2-3.2.3? -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1 -Affects: 3.1 -Affects: 3.1 -Affects: 3.0 diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-04-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-04-00.txt deleted file mode 100644 index f35dca65b..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_affects_elements-2023-01-04-00.txt +++ /dev/null @@ -1,442 +0,0 @@ -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.34 -Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 (Memory Realm), 5.5.0-5.5.5 (DataSource and JDBC - Realms) -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 4.1.15-4.1.SVN -Affects: 4.1.32-4.1.34 (4.0.x unknown) -Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2? -Affects: 3.2.3-3.2.4 -Affects:3.1-3.1.1, 3.2-3.2.4 -Affects: 10.0.0-M1 to 10.0.26 -Affects: 10.1.0-M1 to 10.1.1 -Affects: 10.1.0-M1 to 10.1.0 -Affects: 10.0.0-M1 to 10.0.22 -Affects: 10.1.0-M1 to 10.1.0-M16 -Affects: 10.0.0-M1 to 10.0.20 -Affects: 10.1.0-M1 to 10.1.0-M14 -Affects: 10.0.0-M1 to 10.0.18 -Affects: 10.1.0-M1 to 10.1.0-M12 -Affects: 10.0.0-M5 to 10.0.14 -Affects: 10.1.0-M1 to 10.1.0-M8 -Affects: 10.0.0-M10 to 10.0.11 -Affects: 10.1.0-M1 to 10.1.0-M5 -Affects: 10.0.0-M1 to 10.0.6 -Affects: 10.0.0-M1 to 10.0.5 -Affects: 10.0.3 to 10.0.4 -Affects: 10.0.0-M1 to 10.0.2 -Affects: 10.0.0-M1 to 10.0.0 -Affects: 10.0.0-M1 to 10.0.0 -Affects: 10.0.0-M1 to 10.0.0-M9 -Affects: 10.0.0-M1 to 10.0.0-M9 -Affects: 10.0.0-M1 to 10.0.0-M7 -Affects: 10.0.0-M1 to 10.0.0-M6 -Affects: 10.0.0-M1 to 10.0.0-M6 -Affects: 10.0.0-M1 to 10.0.0-M5 -Affects: 10.0.0-M1 to 10.0.0-M4 -Affects: 9.0.40 to 9.0.68 -Affects: 9.0.0-M1 to 9.0.67 -Affects: 9.0.30 to 9.0.64 -Affects: 9.0.13 to 9.0.62 -Affects: 9.0.0-M1 to 9.0.60 -Affects: 9.0.35 to 9.0.56 -Affects: 9.0.40 to 9.0.53 -Affects: 9.0.0.M1 to 9.0.46 -Affects: 9.0.0.M1 to 9.0.45 -Affects: 9.0.44 -Affects: 9.0.0-M1 to 9.0.43 -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.41 -Affects: 9.0.0.M1 to 9.0.39 -Affects: 9.0.0-M1 to 9.0.39 -Affects: 9.0.0.M1 to 9.0.37 -Affects: 9.0.0.M1 to 9.0.36 -Affects: 9.0.0.M5 to 9.0.36 -Affects: 9.0.0.M1 to 9.0.35 -Affects: 9.0.0.M1 to 9.0.34 -Affects: 9.0.0.M1 to 9.0.30 -Affects: 9.0.0.M1 to 9.0.30 -Affects: 9.0.28 to 9.0.30 -Affects: 9.0.0.M1 to 9.0.29 -Affects: 9.0.0.M1 to 9.0.28 -Affects: 9.0.0.M1 to 9.0.20 -Affects: 9.0.0.M1 to 9.0.19 -Affects: 9.0.0.M1 to 9.0.17 -Affects: 9.0.0.M1 to 9.0.17 -Affects: 9.0.0.M1 to 9.0.14 -Affects: 9.0.0.M1 to 9.0.11 -Affects: 9.0.0.M1 to 9.0.9 -Affects: 9.0.0.M9 to 9.0.9 -Affects: 9.0.0.M1 to 9.0.7 -Affects: 9.0.0.M1 to 9.0.4 -Affects: 9.0.0.M1 to 9.0.4 -Affects: 9.0.0.M22 to 9.0.1 -Affects: 9.0.0.M1 to 9.0.0 -Affects: 9.0.0.M1 to 9.0.0.M21 -Affects: 9.0.0.M1 to 9.0.0.M21 -Affects: 9.0.0.M1 to 9.0.0.M20 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M18 -Affects: 9.0.0.M1 to 9.0.0.M17 -Affects: 9.0.0.M11 to 9.0.0.M15 -Affects: 9.0.0.M1 to 9.0.0.M13 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M11 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M9 -Affects: 9.0.0.M1 to 9.0.0.M6 -Affects: 9.0.0.M1 to 9.0.0.M2 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 9.0.0.M1 -Affects: 8.5.83 -Affects: 8.5.0 to 8.5.82 -Affects: 8.5.50 to 8.5.81 -Affects: 8.5.38 to 8.5.78 -Affects: 8.5.0 to 8.5.77 -Affects: 8.5.0 to 8.5.75 -Affects: 8.5.55 to 8.5.73 -Affects: 8.5.60 to 8.5.71 -Affects: 8.5.0 to 8.5.66 -Affects: 8.5.0 to 8.5.65 -Affects: 8.5.64 -Affects: 8.5.0 to 8.5.63 -Affects: 8.5.0 to 8.5.61 -Affects: 8.5.0 to 8.5.61 -Affects: 8.5.0 to 8.5.59 -Affects: 8.5.0 to 8.5.59 -Affects: 8.5.0 to 8.5.57 -Affects: 8.5.0 to 8.5.56 -Affects: 8.5.1 to 8.5.56 -Affects: 8.5.0 to 8.5.55 -Affects: 8.5.0 to 8.5.54 -Affects: 8.5.0 to 8.5.50 -Affects: 8.5.0 to 8.5.50 -Affects: 8.5.48 to 8.5.50 -Affects: 8.5.0 to 8.5.49 -Affects: 8.5.0 to 8.5.47 -Affects: 8.5.0 to 8.5.40 -Affects: 8.5.0 to 8.5.39 -Affects: 8.5.0 to 8.5.39 -Affects: 8.5.0 to 8.5.37 -Affects: 8.5.0 to 8.5.33 -Affects: 8.0.0.RC1 to 8.0.52 -Affects: 8.5.5 to 8.5.31 -Affects: 8.5.0 to 8.5.31 -Affects: 8.0.0.RC1 to 8.0.51 -Affects: 8.5.0 to 8.5.30 -Affects: 8.0.0.RC1 to 8.0.49 -Affects: 8.0.0.RC1 to 8.0.49 -Affects: 8.5.0 to 8.5.27 -Affects: 8.5.0 to 8.5.27 -Affects: 8.0.45 to 8.0.47 -Affects: 8.5.16 to 8.5.23 -Affects: 8.0.0.RC1 to 8.0.46 -Affects: 8.5.0 to 8.5.22 -Affects: 8.0.0.RC1 to 8.0.44 -Affects: 8.5.0 to 8.5.15 -Affects: 8.5.0 to 8.5.15 -Affects: 8.0.0.RC1 to 8.0.43 -Affects: 8.5.0 to 8.5.14 -Affects: 8.0.0.RC1 to 8.0.42 -Affects: 8.5.0 to 8.5.12 -Affects: 8.5.0 to 8.5.12 -Affects: 8.5.0 to 8.5.12 -Affects: 8.0.0.RC1 to 8.0.41 -Affects: 8.5.0 to 8.5.11 -Affects: 8.0.0.RC1 to 8.0.39 -Affects: 8.5.7 to 8.5.9 -Affects: 8.5.0 to 8.5.8 -Affects: 8.0.0.RC1 to 8.0.38 -Affects: 8.0.0.RC1 to 8.0.38 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.6 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36 -Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.30 -Affects: 8.0.0.RC1 to 8.0.29 -Affects: 8.0.0-RC1 to 8.0.26 -Affects: 8.0.0-RC1 to 8.0.15 -Affects: 8.0.0-RC1 to 8.0.8 -Affects: 8.0.0-RC1 to 8.0.8 -Affects: 8.0.0-RC1 to 8.0.5 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC2 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.3 -Affects: 8.0.0-RC1 to 8.0.1 -Affects: 8.0.0-RC1 to 8.0.0-RC5 -Affects: 8.0.0-RC1 to 8.0.0-RC5 -Affects: 8.0.0-RC1 -Affects: 7.0.0 to 7.0.108 -Affects: 7.0.0 to 7.0.107 -Affects: 7.0.0 to 7.0.106 -Affects: 7.0.27 to 7.0.104 -Affects: 7.0.0 to 7.0.103 -Affects: 7.0.0 to 7.0.99 -Affects: 7.0.0 to 7.0.99 -Affects: 7.0.98 to 7.0.99 -Affects: 7.0.0 to 7.0.98 -Affects: 7.0.0 to 7.0.97 -Affects: 7.0.0 to 7.0.93 -Affects: 7.0.0 to 7.0.93 -Affects: 7.0.23 to 7.0.90 -Affects: 7.0.25 to 7.0.88 -Affects: 7.0.28 to 7.0.88 -Affects: 7.0.0 to 7.0.84 -Affects: 7.0.0 to 7.0.84 -Affects: 7.0.79 to 7.0.82 -Affects: 7.0.0 to 7.0.81 -Affects: 7.0.0 to 7.0.80 -Affects: 7.0.0 to 7.0.79 -Affects: 7.0.41 to 7.0.78 -Affects: 7.0.0 to 7.0.77 -Affects: 7.0.0 to 7.0.76 -Affects: 7.0.0 to 7.0.75 -Affects: 7.0.0 to 7.0.73 -Affects: 7.0.0 to 7.0.72 -Affects: 7.0.0 to 7.0.72 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.70 -Affects: 7.0.0 to 7.0.69 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.1 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.0 to 7.0.67 -Affects: 7.0.5 to 7.0.65 -Affects: 7.0.0 to 7.0.64 -Affects: 7.0.0 to 7.0.57 -Affects: 7.0.0 to 7.0.54 -Affects: 7.0.0 to 7.0.54 -Affects: 7.0.0-7.0.53 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.52 -Affects: 7.0.0-7.0.50 -Affects: 7.0.0 to 7.0.47 -Affects: 7.0.0 to 7.0.47 -Affects: 7.0.0 to 7.0.42 -Affects: 7.0.0-7.0.39 -Affects: 7.0.0 to 7.0.39 -Affects: 7.0.0-7.0.32 -Affects: 7.0.0-7.0.31 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.29 -Affects: 7.0.0-7.0.27 -Affects: 7.0.0-7.0.27 -Affects: 7.0.0-7.0.22 -Affects: 7.0.0-7.0.21 -Affects: 7.0.0-7.0.21 -Affects: 7.0.0-7.0.20 -Affects: 7.0.0-7.0.19 -Affects: 7.0.0-7.0.18 -Affects: 7.0.0-7.0.16 -Affects: 7.0.0-7.0.16 -Affects: 7.0.12-7.0.13 -Affects: 7.0.0-7.0.11 -Affects: 7.0.0-7.0.11 -Affects: 7.0.11 -Affects: 7.0.0-7.0.10 -Affects: 7.0.0-7.0.6 -Affects: 7.0.0-7.0.5 -Affects: 7.0.0-7.0.4 -Affects: 7.0.0-7.0.3 -Affects: 7.0.0 -Affects: 6.0.0 to 6.0.52 -Affects: 6.0.16 to 6.0.48 -Affects: 6.0.0 to 6.0.47 -Affects: 6.0.0 to 6.0.47 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.45 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.44 -Affects: 6.0.0 to 6.0.43 -Affects: 6.0.0 to 6.0.43 -Affects: 6.0.0 to 6.0.41 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.39 -Affects: 6.0.0-6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.0 to 6.0.37 -Affects: 6.0.33 to 6.0.37 -Affects: 6.0.21-6.0.36 -Affects: 6.0.0-6.0.36 -Affects: 6.0.0-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.30-6.0.35 -Affects: 6.0.0-6.0.35 -Affects: 6.0.30-6.0.33 -Affects: 6.0.0-6.0.33 -Affects: 6.0.0-6.0.33 -Affects: 6.0.0-6.0.32 -Affects: 6.0.0-6.0.32 -Affects: 6.0.0-6.0.32 -Affects: 6.0.30-6.0.32 -Affects: 6.0.0-6.0.30 -Affects: 6.0.0-6.0.29 -Affects: 6.0.12-6.0.29 -Affects: 6.0.0-6.0.29 -Affects: 6.0.0-6.0.27 -Affects: 6.0.0-6.0.26 -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.20 (Windows only) -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.20 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.18 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.16 -Affects: 6.0.0-6.0.14 -Affects: 6.0.0-6.0.15 -Affects: 6.0.0-6.0.14 -Affects: 6.0.0-6.0.15 -Affects: 6.0.5-6.0.15 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.13 -Affects: 6.0.0-6.0.10 -Affects: 6.0.0-6.0.10 -Affects: 6.0.0-6.0.9 -Affects: 6.0.0-6.0.8 -Affects: 6.0.0-6.0.5 -Affects: 5.5.0-5.5.35 -Affects: 5.5.0-5.5.34 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.32-5.5.33 -Affects: 5.5.0-5.5.33 -Affects: 5.5.0-5.5.31 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.29 -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.28 (Windows only) -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.28 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 (Memory Realm), 5.5.0-5.5.5 (DataSource and JDBC - Realms) -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.27 -Affects: 5.5.0-5.5.26 -Affects: 5.5.9-5.5.26 -Affects: 5.5.0-5.5.26 -Affects: 5.5.0-5.5.25 -Affects: 5.5.9-5.5.25 -Affects: 5.5.0-5.5.25 -Affects: 5.5.11-5.5.25 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.24 -Affects: 5.5.0-5.5.24 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.23 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.22 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.21 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.20 -Affects: 5.0.0-5.0.SVN, 5.5.0-5.5.20 -Affects: 5.5.10-5.5.20 (5.0.x unknown) -Affects: 5.0.0-5.0.30, 5.5.0-5.5.17 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.16 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.15 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.12 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.12 -Affects: 5.0.0-5.0.30, 5.5.0-5.5.6 -Affects: 5.5.0 (5.0.x unknown) -Affects: 4.1.15-4.1.SVN -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 (Memory Realm), 4.1.0-4.1.31 (JDBC Realm), - 4.1.17-4.1.31 (DataSource Realm) -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.39 -Affects: 4.1.0-4.1.37 -Affects: 4.1.0-4.1.37 -Affects: 4.1.0-4.1.37 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.1-4.0.6, 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.36 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.34 -Affects: 4.1.32-4.1.34 (4.0.x unknown) -Affects: 4.1.0-4.1.31 -Affects: 4.1.28-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.0.0-4.0.6, 4.1.0-4.1.31 -Affects: 4.1.0-4.1.28 -Affects: 4.0.0-4.0.5, 4.1.0-4.1.12 -Affects: 4.0.0-4.0.5, 4.1.0-4.1.12 -Affects: 4.0.0-4.0.4, 4.1.0-4.1.11 -Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6?, 4.1.0-4.1.2? -Affects: 4.0.0-4.0.6 -Affects: 4.0.0-4.0.6 -Affects: 4.0.0-4.0.1 -Affects: Pre-release builds of 4.0.0 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.2 -Affects: 3.3-3.3.2 -Affects: 3.3-3.3.2 -Affects: 3.3-3.3.2 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1a -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a -Affects: 3.2.3-3.2.4 -Affects:3.1-3.1.1, 3.2-3.2.4 -Affects: 3.2?, 3.2.1, 3.2.2-3.2.3? -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1 -Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1 -Affects: 3.1 -Affects: 3.1 -Affects: 3.0 diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories-2023-01-06-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories-2023-01-06-00.txt deleted file mode 100644 index d08d20df3..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories-2023-01-06-00.txt +++ /dev/null @@ -1,245 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test01-2023-01-06-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test01-2023-01-06-00.txt deleted file mode 100644 index f8ed62c52..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test01-2023-01-06-00.txt +++ /dev/null @@ -1,452 +0,0 @@ -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.34|!=9.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.34|!=9.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.8|!=9.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.8|!=9.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831726', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743738', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782757', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783291', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750928', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=681156', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781542', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2005-4836'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/<=4.1.0+SVN|>=4.1.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=4.1.SVN|>=4.1.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4836', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2007'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.2.3|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.2.3|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2007', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0760'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0760', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.26|!=10.0.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.26|!=10.0.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.1|!=10.1.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.1|!=10.1.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6a0ac6a438cbbb66b6e9c5223842f53bf0cb50aa', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0|!=10.1.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0|!=10.1.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.22|!=10.0.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.22|!=10.0.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M16|!=10.1.0-M17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M16|!=10.1.0-M17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.20|!=10.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.20|!=10.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M14|!=10.1.0-M15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M14|!=10.1.0-M15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.18|!=10.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.18|!=10.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M12|!=10.1.0-M14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M12|!=10.1.0-M14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M5|<=10.0.14|!=10.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M5|<=10.0.14|!=10.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/094800b12d6c958d7b4540372c5a95698658ada1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|!=10.1.0-M10|<=10.1.0-M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M8|!=10.1.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/70da1aaa51e0f9d088438e9d958812a144e12754', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M10|<=10.0.11|!=10.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M10|<=10.0.11|!=10.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90b4fb9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M5|!=10.1.0-M6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M5|!=10.1.0-M6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db7810371', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.6|!=10.0.7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.6|!=10.0.7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eee0d024c1b3171560c92eaba79dd6eb8eb11bcd', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/506134f957a4be2c5b4a9334f7b3435fc954dbc1', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/19d11556d0db99df291df33605f137976d152475', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.5|!=10.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.5|!=10.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.3|<=10.0.4|!=10.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.3|<=10.0.4|!=10.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b59099e4ca501a039510334ebe1024971cd6f959', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.2|!=10.0.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.2|!=10.0.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|!=10.0.0-M10|<=10.0.0-M9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M9|!=10.0.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|!=10.0.0-M10|<=10.0.0-M9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M9|!=10.0.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M7|!=10.0.0-M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M7|!=10.0.0-M8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1bbc650cbc3f08d85a1ec6d803c47ae53a84f3bb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M5|!=10.0.0-M6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M5|!=10.0.0-M6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M4|!=10.0.0-M5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M4|!=10.0.0-M5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.40|<=9.0.68|!=9.0.69', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.40|<=9.0.68|!=9.0.69', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b336f4e58893ea35114f1e4a415657f723b1298e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.67|!=9.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.67|!=9.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.30|<=9.0.64|!=9.0.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.30|<=9.0.64|!=9.0.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.13|<=9.0.62|!=9.0.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.13|<=9.0.62|!=9.0.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.60|!=9.0.62', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.60|!=9.0.62', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.35|<=9.0.56|!=9.0.58', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.35|<=9.0.56|!=9.0.58', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1385c624b4a1e994426e810075c850edc38a700e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.40|<=9.0.53|!=9.0.54', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.40|<=9.0.53|!=9.0.54', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.46|!=9.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.46|!=9.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a2c3dc4c96168743ac0bab613709a5bbdaec41d0', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.45|!=9.0.46', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.45|!=9.0.46', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.44|!=9.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.44|!=9.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.43|!=9.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.43|!=9.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.39|!=9.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.39|!=9.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.39|!=9.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.39|!=9.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.37|!=9.0.38', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.37|!=9.0.38', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.36|!=9.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.36|!=9.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M5|<=9.0.36|!=9.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M5|<=9.0.36|!=9.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.35|!=9.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.35|!=9.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.34|!=9.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.34|!=9.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.28|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.28|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.29|!=9.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.29|!=9.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.28|!=9.0.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.28|!=9.0.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-25762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.20|!=9.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.20|!=9.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-25762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-10072'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.19|!=9.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.19|!=9.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-10072', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.17|!=9.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.17|!=9.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4b244d827ade2a36ef3b8734939541207b78f35c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.17|!=9.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.17|!=9.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0199'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.14|!=9.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.14|!=9.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0199', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852698', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852699', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852700', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852701', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852702', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852703', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852704', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852705', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852706', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a1cb1ac77e3a8fec1b00eb0e944842555da14f7d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.11|!=9.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.11|!=9.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840055', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.9|!=9.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.9|!=9.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833757', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M9|<=9.0.9|!=9.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M9|<=9.0.9|!=9.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833825', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833831', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1837530', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833906', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.8|!=9.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.8|!=9.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831726', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.7|!=9.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.7|!=9.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830373', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.4|!=9.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.4|!=9.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823310', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824323', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.4|!=9.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.4|!=9.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823306', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M22|<=9.0.1|!=9.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M22|<=9.0.1|!=9.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814825', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0|!=9.0.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0|!=9.0.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809669', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809674', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809684', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809711', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7675'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M21|!=9.0.0+M22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M21|!=9.0.0.M22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7675', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1796090', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M21|!=9.0.0+M22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M21|!=9.0.0.M22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795813', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M20|!=9.0.0+M21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M20|!=9.0.0.M21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793468', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793487', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5651'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5651', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788544', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5650'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5650', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788460', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788890', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M17|!=9.0.0+M18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M17|!=9.0.0.M18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785774', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8747'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M11|<=9.0.0+M15|!=9.0.0+M17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M11|<=9.0.0.M15|!=9.0.0.M17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8747', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1774161', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M13|!=9.0.0+M15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M13|!=9.0.0.M15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1771853', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767644', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6817'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6817', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1765794', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767641', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757271', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758487', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763232', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754445', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754714', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760300', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758499', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M6|!=9.0.0+M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M6|!=9.0.0.M8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743700', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M2|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M2|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725926', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715206', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716882', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716894', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713184', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1723414', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720652', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722799', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725263', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725914', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/8.5.83|!=8.5.84', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/8.5.83|!=8.5.84', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0cab3a56bd89f70e7481bb0d68395dc7e130dbbf', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.82|!=8.5.83', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.82|!=8.5.83', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.50|<=8.5.81|!=8.5.82', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.50|<=8.5.81|!=8.5.82', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.38|<=8.5.78|!=8.5.79', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.38|<=8.5.78|!=8.5.79', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.77|!=8.5.78', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.77|!=8.5.78', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-25762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.75|!=8.5.76', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.75|!=8.5.76', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-25762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.55|<=8.5.73|!=8.5.75', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.55|<=8.5.73|!=8.5.75', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/97943959ba721ad5e8e8ba765a68d2b153348530', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.60|<=8.5.71|!=8.5.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.60|<=8.5.71|!=8.5.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.66|!=8.5.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.66|!=8.5.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3202703e6d635e39b74262e81f0cb4bcbe2170dc', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/da0e7cb093cf68b052d9175e469dbd0464441b0b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8874fa02e9b36baa9ca6b226c0882c0190ca5a02', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.65|!=8.5.66', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.65|!=8.5.66', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/8.5.64|!=8.5.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/8.5.64|!=8.5.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.63|!=8.5.64', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.63|!=8.5.64', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.57|!=8.5.58', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.57|!=8.5.58', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4dcb292a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.56|!=8.5.57', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.56|!=8.5.57', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.1|<=8.5.56|!=8.5.57', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.1|<=8.5.56|!=8.5.57', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.55|!=8.5.56', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.55|!=8.5.56', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.54|!=8.5.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.54|!=8.5.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.48|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.48|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.49|!=8.5.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.49|!=8.5.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.47|!=8.5.49', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.47|!=8.5.49', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-10072'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.40|!=8.5.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.40|!=8.5.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-10072', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5bc4e6d7b1c22dc1bf99f475b7e70594ebdd83b9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0199'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.37|!=8.5.38', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.37|!=8.5.38', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0199', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852707', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852711', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852712', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852713', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852714', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852715', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852717', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852718', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852719', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852723', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852724', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/60a3af1738879ec06fac1ecb8a149608782f7cc9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.33|!=8.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.33|!=8.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840056', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833759', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.5|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.5|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833826', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833832', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1837531', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833907', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833758', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831728', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.51|!=8.0.52', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.51|!=8.0.52', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830375', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.30|!=8.5.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.30|!=8.5.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830374', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823319', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824359', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823308', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823314', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824358', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823307', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.45|<=8.0.47|!=8.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.45|<=8.0.47|!=8.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814827', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.16|<=8.5.23|!=8.5.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.16|<=8.5.23|!=8.5.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814826', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.46|!=8.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.46|!=8.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809921', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.22|!=8.5.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.22|!=8.5.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809673', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809675', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809896', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.44|!=8.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.44|!=8.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7675'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7675', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1796091', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795814', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.43|!=8.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.43|!=8.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793470', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793489', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.14|!=8.5.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.14|!=8.5.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793469', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793488', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.42|!=8.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.42|!=8.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788999', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5651'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5651', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788546', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5650'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5650', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788480', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788932', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.41|!=8.0.42', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.41|!=8.0.42', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785776', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.11|!=8.5.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.11|!=8.5.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785775', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.39|!=8.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.39|!=8.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777469', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8747'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.7|<=8.5.9|!=8.5.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.7|<=8.5.9|!=8.5.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8747', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1774166', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.8|!=8.5.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.8|!=8.5.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1771857', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767656', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767653', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767646', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6817'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6817', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1765798', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767645', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757272', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757273', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758493', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763233', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758494', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763234', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754726', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754727', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754900', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760305', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754901', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760307', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758500', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758501', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743738', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713185', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1723506', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720658', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720660', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722800', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726196', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726203', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725929', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.29|!=8.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.29|!=8.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715207', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717209', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.26|!=8.0.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.26|!=8.0.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1696281', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700897', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.15|!=8.0.17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.15|!=8.0.17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1644018', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645642', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1600984', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601329', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601330', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601332', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603770', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603775', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603779', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1609175', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659294', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.5|!=8.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.5|!=8.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1588193', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589837', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589980', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589983', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589985', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589990', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589992', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578337', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0095'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC2|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC2|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0095', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578392', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578610', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578611', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578812', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0050'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.1|!=8.0.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.1|!=8.0.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0050', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1565163', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|!=8.0.0-RC10|<=8.0.0-RC5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.0-RC5|!=8.0.0-RC10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521834', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549522', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|!=8.0.0-RC10|<=8.0.0-RC5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.0-RC5|!=8.0.0-RC10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549528', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/!=8.0.0-RC3|>=8.0.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=RC1|!=8.0.0-RC3|>=8.0.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521829', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.108|!=7.0.109', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.108|!=7.0.109', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.106|!=7.0.107', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.106|!=7.0.107', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.27|<=7.0.104|!=7.0.105', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.27|<=7.0.104|!=7.0.105', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.103|!=7.0.104', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.103|!=7.0.104', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.98|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.98|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.98|!=7.0.99', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.98|!=7.0.99', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.97|!=7.0.99', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.97|!=7.0.99', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f0221b904956359f2d739aa3a2b53f8c12ed8c7', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.23|<=7.0.90|!=7.0.91', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.23|<=7.0.90|!=7.0.91', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840057', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.25|<=7.0.88|!=7.0.90', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.25|<=7.0.88|!=7.0.90', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833760', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.41|<=7.0.88|!=7.0.89', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.41|<=7.0.88|!=7.0.89', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831730', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.28|<=7.0.86|!=7.0.88', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.28|<=7.0.86|!=7.0.88', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830376', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823322', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824360', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.79|<=7.0.82|!=7.0.84', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.79|<=7.0.82|!=7.0.84', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814828', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.81|!=7.0.82', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.81|!=7.0.82', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809978', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809992', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1810014', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1810026', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12616'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.80|!=7.0.81', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.80|!=7.0.81', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12616', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12616', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12615'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.79|!=7.0.81', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.79|!=7.0.81', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12615', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804604', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.41|<=7.0.78|!=7.0.79', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.41|<=7.0.78|!=7.0.79', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795816', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.77|!=7.0.78', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.77|!=7.0.78', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793471', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793491', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.76|!=7.0.77', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.76|!=7.0.77', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789008', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.75|!=7.0.76', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.75|!=7.0.76', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785777', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.73|!=7.0.75', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.73|!=7.0.75', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777471', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767676', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767675', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757275', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758495', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763236', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754728', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754902', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758502', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.69|!=7.0.70', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.69|!=7.0.70', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743742', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715213', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716860', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717212', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.1|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.1|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720661', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720663', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722801', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726923', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727034', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725931', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.5|<=7.0.65|!=7.0.67', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.5|<=7.0.65|!=7.0.67', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713187', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.64|!=7.0.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.64|!=7.0.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1696284', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700898', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.57|!=7.0.59', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.57|!=7.0.59', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1644019', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645644', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601333', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603781', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603811', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1609176', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659295', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.53|!=7.0.54', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.53|!=7.0.54', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1588199', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589997', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1590028', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1590036', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578341', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578637', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578814', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0050'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.50|!=7.0.52', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.50|!=7.0.52', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0050', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1565169', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521864', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549523', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549529', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.42|!=7.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.42|!=7.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521854', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2071'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2071', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1471372', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4444'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4444', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1470437', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2067'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.32|!=7.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.32|!=7.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2067', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1408044', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4431'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.31|!=7.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.31|!=7.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4431', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1393088', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3544'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3544', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1378702', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1378921', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1377807', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3546'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3546', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1377892', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-2733'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-2733', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1350301', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1340218', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.22|!=7.0.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.22|!=7.0.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1189899', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1190372', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1190482', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1194917', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195225', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195226', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195537', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195909', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195944', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195951', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195977', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1198641', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3375'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3375', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1176592', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3376'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3376', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1176588', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.20|!=7.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.20|!=7.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162958', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.19|!=7.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.19|!=7.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1153379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.18|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.18|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145383', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145489', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145571', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145694', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1146005', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140070', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2481'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2481', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2481', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2011-1582'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.12|<=7.0.13|!=7.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.12|<=7.0.13|!=7.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1582', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1100832', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1475'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1475', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1086349', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1086352', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1087655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1183'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1183', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1087643', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1088'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.10|!=7.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.10|!=7.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1088', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1076586', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1076587', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1077995', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1079752', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.6|!=7.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.6|!=7.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1065939', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.5|!=7.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.5|!=7.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057279', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-4172'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.4|!=7.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.4|!=7.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-4172', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1037778', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.3|!=7.0.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.3|!=7.0.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1022134', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/7.0.0|!=7.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/7.0.0|!=7.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=958911', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.52|!=6.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.52|!=6.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789024', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789155', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789856', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.16|<=6.0.48|!=6.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.16|<=6.0.48|!=6.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777472', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767684', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767683', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757285', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758496', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763237', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754733', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754904', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1761718', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758506', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700900', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715216', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717216', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722802', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727166', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727182', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659537', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645366', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659538', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.41|!=6.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.41|!=6.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603628', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1579262', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1585853', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1580473', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589640', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1593815', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1593821', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-1571'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-1571', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1552565', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1556540', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1558828', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.33|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.33|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1558822', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2067'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.21|<=6.0.36|!=6.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.21|<=6.0.36|!=6.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2067', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1417891', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3544'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.36|!=6.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.36|!=6.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3544', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1476592', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-2733'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-2733', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1356208', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1380829', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3546'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3546', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1381035', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4431'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4431', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1394456', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1372035', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3375'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3375', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1185998', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162959', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1200601', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1206324', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1229027', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1158180', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140071', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1146703', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1153824', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.30|!=6.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.30|!=6.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1066313', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057270', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-4172'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.12|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.12|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-4172', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1037779', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1022560', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.27|!=6.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.27|!=6.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2010-1157'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.26|!=6.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.26|!=6.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-1157', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=936540', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2693'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2693', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2901'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2901', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2902'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2902', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-3548'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-3548', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=881771', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=734734', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=742915', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=747840', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750924', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=652592', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=739522', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=673834', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1947'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1947', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=662585', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=673839', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5342'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5342', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-6286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-6286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0002'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.5|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.5|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0002', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3386'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3386', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.9|!=6.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.9|!=6.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.8|!=6.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.8|!=6.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.5|!=6.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.5|!=6.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.35|!=5.5.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.35|!=5.5.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1392248', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.34|!=5.5.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.34|!=5.5.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1221282', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1224640', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1228191', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1159309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140072', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1158244', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.32|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.32|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1159346', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162960', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.31|!=5.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.31|!=5.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057518', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1027610', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=959428', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-1157'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-1157', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=936541', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2693'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2693', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2901'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2901', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2902'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2902', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-3548'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-3548', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=919006', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782757', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783291', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750928', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=681156', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781542', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680947', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1947'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.9|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.9|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1947', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=662583', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680949', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5342'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.9|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.9|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5342', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-6286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.11|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.11|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-6286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3386'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3386', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.23|!=5.5.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.23|!=5.5.24,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.22|!=5.5.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.22|!=5.5.23,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.21|!=5.5.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.21|!=5.5.22,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.20|!=5.5.21,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.0+SVN|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.SVN|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.10|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.10|<=5.5.20|!=5.5.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7195'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.17|!=5.5.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.17|!=5.5.18,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7195', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1858'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.16|!=5.5.17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.16|!=5.5.17,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1858', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7196'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.15|!=5.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.15|!=5.5.16,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7196', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-3835'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-3835', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-3510'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3510', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4838'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.6|!=5.5.7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.6|!=5.5.7,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4838', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-3271'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/5.5.0|!=5.5.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/5.5.0|!=5.5.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-3271', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4836'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/<=4.1.0+SVN|>=4.1.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=4.1.SVN|>=4.1.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4836', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782763', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783292', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781382', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750927', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781708', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=684900', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680947', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680950', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2005-3164'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3164', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3383'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3383', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-3271'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-3271', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1858'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.28|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.28|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1858', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7196'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7196', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-3835'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-3835', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4838'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4838', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-3510'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3510', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1567'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.28|!=4.1.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.28|!=4.1.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1567', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1567', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1394'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1394', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0682'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0682', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1148'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.4|>=4.1.0|<=4.1.11|!=4.1.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.4|>=4.1.0|<=4.1.11|!=4.1.12,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1148', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0866'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0866', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2009'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2009', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0917'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0917', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0493'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/!=4.0.0|<4.0.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/!=4.0.0|<4.0.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0493', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-0808'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-0808', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3384'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3384', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0044'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|<=3.3.1-a|!=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1a|!=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0044', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0043'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|!=3.3.1-a|<=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1|!=3.3.1a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0043', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0042'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|!=3.3.1-a|<=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1|!=3.3.1a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0042', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0045'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|3.3.0-a|!=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|3.3a|!=3.3.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0045', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2007'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.2.3|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.2.3|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2007', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0760'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0760', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-1563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.2.0|3.2.1|>=3.2.2|<=3.2.3|!=3.2.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.2|3.2.1|>=3.2.2|<=3.2.3|!=3.2.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-1563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0829'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.1|!=3.2.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.1|!=3.2.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0829', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.1|!=3.2.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.1|!=3.2.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0759'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.1.0|!=3.2.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.1|!=3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0759', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0672'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.1.0|!=3.2.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.1|!=3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0672', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-1210'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|!=3.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|!=3.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-1210', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test02-2023-01-06-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test02-2023-01-06-00.txt deleted file mode 100644 index f8ed62c52..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test02-2023-01-06-00.txt +++ /dev/null @@ -1,452 +0,0 @@ -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.34|!=9.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.34|!=9.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.8|!=9.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.8|!=9.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831726', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743738', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782757', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783291', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750928', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=681156', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781542', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2005-4836'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/<=4.1.0+SVN|>=4.1.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=4.1.SVN|>=4.1.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4836', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2007'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.2.3|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.2.3|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2007', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0760'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0760', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.26|!=10.0.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.26|!=10.0.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.1|!=10.1.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.1|!=10.1.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6a0ac6a438cbbb66b6e9c5223842f53bf0cb50aa', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0|!=10.1.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0|!=10.1.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.22|!=10.0.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.22|!=10.0.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M16|!=10.1.0-M17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M16|!=10.1.0-M17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.20|!=10.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.20|!=10.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M14|!=10.1.0-M15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M14|!=10.1.0-M15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.18|!=10.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.18|!=10.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M12|!=10.1.0-M14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M12|!=10.1.0-M14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M5|<=10.0.14|!=10.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M5|<=10.0.14|!=10.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/094800b12d6c958d7b4540372c5a95698658ada1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|!=10.1.0-M10|<=10.1.0-M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M8|!=10.1.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/70da1aaa51e0f9d088438e9d958812a144e12754', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M10|<=10.0.11|!=10.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M10|<=10.0.11|!=10.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90b4fb9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.1.0-M1|<=10.1.0-M5|!=10.1.0-M6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.1.0-M1|<=10.1.0-M5|!=10.1.0-M6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db7810371', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.6|!=10.0.7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.6|!=10.0.7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eee0d024c1b3171560c92eaba79dd6eb8eb11bcd', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/506134f957a4be2c5b4a9334f7b3435fc954dbc1', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/19d11556d0db99df291df33605f137976d152475', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.5|!=10.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.5|!=10.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.3|<=10.0.4|!=10.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.3|<=10.0.4|!=10.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b59099e4ca501a039510334ebe1024971cd6f959', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.2|!=10.0.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.2|!=10.0.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0|!=10.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|!=10.0.0-M10|<=10.0.0-M9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M9|!=10.0.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|!=10.0.0-M10|<=10.0.0-M9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M9|!=10.0.0-M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M7|!=10.0.0-M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M7|!=10.0.0-M8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1bbc650cbc3f08d85a1ec6d803c47ae53a84f3bb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M6|!=10.0.0-M7', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M5|!=10.0.0-M6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M5|!=10.0.0-M6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=10.0.0-M1|<=10.0.0-M4|!=10.0.0-M5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=10.0.0-M1|<=10.0.0-M4|!=10.0.0-M5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.40|<=9.0.68|!=9.0.69', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.40|<=9.0.68|!=9.0.69', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b336f4e58893ea35114f1e4a415657f723b1298e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.67|!=9.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.67|!=9.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.30|<=9.0.64|!=9.0.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.30|<=9.0.64|!=9.0.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.13|<=9.0.62|!=9.0.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.13|<=9.0.62|!=9.0.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.60|!=9.0.62', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.60|!=9.0.62', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.35|<=9.0.56|!=9.0.58', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.35|<=9.0.56|!=9.0.58', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1385c624b4a1e994426e810075c850edc38a700e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.40|<=9.0.53|!=9.0.54', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.40|<=9.0.53|!=9.0.54', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.46|!=9.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.46|!=9.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a2c3dc4c96168743ac0bab613709a5bbdaec41d0', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.45|!=9.0.46', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.45|!=9.0.46', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.44|!=9.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.44|!=9.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.43|!=9.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.43|!=9.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.41|!=9.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.41|!=9.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.39|!=9.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.39|!=9.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0-M1|<=9.0.39|!=9.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0-M1|<=9.0.39|!=9.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.37|!=9.0.38', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.37|!=9.0.38', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.36|!=9.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.36|!=9.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M5|<=9.0.36|!=9.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M5|<=9.0.36|!=9.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.35|!=9.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.35|!=9.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.34|!=9.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.34|!=9.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.28|<=9.0.30|!=9.0.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.28|<=9.0.30|!=9.0.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.29|!=9.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.29|!=9.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.28|!=9.0.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.28|!=9.0.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-25762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.20|!=9.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.20|!=9.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-25762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-10072'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.19|!=9.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.19|!=9.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-10072', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.17|!=9.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.17|!=9.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4b244d827ade2a36ef3b8734939541207b78f35c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.17|!=9.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.17|!=9.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0199'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.14|!=9.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.14|!=9.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0199', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852698', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852699', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852700', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852701', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852702', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852703', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852704', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852705', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852706', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a1cb1ac77e3a8fec1b00eb0e944842555da14f7d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.11|!=9.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.11|!=9.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840055', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.9|!=9.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.9|!=9.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833757', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M9|<=9.0.9|!=9.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M9|<=9.0.9|!=9.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833825', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833831', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1837530', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833906', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.8|!=9.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.8|!=9.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831726', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.7|!=9.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.7|!=9.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830373', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.4|!=9.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.4|!=9.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823310', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824323', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.4|!=9.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.4|!=9.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823306', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M22|<=9.0.1|!=9.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M22|<=9.0.1|!=9.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814825', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0|!=9.0.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0|!=9.0.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809669', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809674', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809684', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809711', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7675'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M21|!=9.0.0+M22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M21|!=9.0.0.M22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7675', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1796090', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M21|!=9.0.0+M22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M21|!=9.0.0.M22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795813', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M20|!=9.0.0+M21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M20|!=9.0.0.M21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793468', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793487', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5651'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5651', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788544', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5650'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5650', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788460', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M18|!=9.0.0+M19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M18|!=9.0.0.M19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788890', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M17|!=9.0.0+M18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M17|!=9.0.0.M18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785774', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8747'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M11|<=9.0.0+M15|!=9.0.0+M17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M11|<=9.0.0.M15|!=9.0.0.M17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8747', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1774161', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M13|!=9.0.0+M15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M13|!=9.0.0.M15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1771853', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767644', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6817'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6817', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1765794', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M11|!=9.0.0+M13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M11|!=9.0.0.M13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767641', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757271', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758487', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763232', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754445', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754714', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760300', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M9|!=9.0.0+M10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M9|!=9.0.0.M10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758499', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M6|!=9.0.0+M8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M6|!=9.0.0.M8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743700', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=9.0.0+M1|<=9.0.0+M2|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=9.0.0.M1|<=9.0.0.M2|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725926', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715206', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716882', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716894', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713184', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1723414', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720652', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722799', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/9.0.0+M1|!=9.0.0+M3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/9.0.0.M1|!=9.0.0.M3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725263', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725914', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-45143'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/8.5.83|!=8.5.84', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/8.5.83|!=8.5.84', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-45143', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0cab3a56bd89f70e7481bb0d68395dc7e130dbbf', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-42252'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.82|!=8.5.83', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.82|!=8.5.83', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-42252', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-34305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.50|<=8.5.81|!=8.5.82', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.50|<=8.5.81|!=8.5.82', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-34305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-29885'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.38|<=8.5.78|!=8.5.79', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.38|<=8.5.78|!=8.5.79', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-29885', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-43980'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.77|!=8.5.78', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.77|!=8.5.78', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-43980', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-25762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.75|!=8.5.76', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.75|!=8.5.76', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-25762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2022-23181'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.55|<=8.5.73|!=8.5.75', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.55|<=8.5.73|!=8.5.75', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2022-23181', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/97943959ba721ad5e8e8ba765a68d2b153348530', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-42340'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.60|<=8.5.71|!=8.5.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.60|<=8.5.71|!=8.5.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-42340', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-33037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.66|!=8.5.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.66|!=8.5.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-33037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/3202703e6d635e39b74262e81f0cb4bcbe2170dc', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/da0e7cb093cf68b052d9175e469dbd0464441b0b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8874fa02e9b36baa9ca6b226c0882c0190ca5a02', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.65|!=8.5.66', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.65|!=8.5.66', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30639'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/8.5.64|!=8.5.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/8.5.64|!=8.5.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30639', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-41079'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.63|!=8.5.64', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.63|!=8.5.64', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-41079', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.61|!=8.5.63', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-17527'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.59|!=8.5.60', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-17527', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13943'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.57|!=8.5.58', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.57|!=8.5.58', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13943', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4dcb292a', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.56|!=8.5.57', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.56|!=8.5.57', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13934'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.1|<=8.5.56|!=8.5.57', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.1|<=8.5.56|!=8.5.57', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13934', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-11996'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.55|!=8.5.56', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.55|!=8.5.56', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-11996', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.54|!=8.5.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.54|!=8.5.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.48|<=8.5.50|!=8.5.51', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.48|<=8.5.50|!=8.5.51', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.49|!=8.5.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.49|!=8.5.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.47|!=8.5.49', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.47|!=8.5.49', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-10072'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.40|!=8.5.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.40|!=8.5.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-10072', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/5bc4e6d7b1c22dc1bf99f475b7e70594ebdd83b9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.39|!=8.5.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0199'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.37|!=8.5.38', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.37|!=8.5.38', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0199', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852707', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852711', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852712', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852713', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852714', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852715', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852717', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852718', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852719', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852723', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1852724', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/60a3af1738879ec06fac1ecb8a149608782f7cc9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.33|!=8.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.33|!=8.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840056', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833759', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.52|!=8.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8037'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.5|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.5|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8037', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833826', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833832', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1837531', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833907', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833758', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.31|!=8.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831728', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.51|!=8.0.52', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.51|!=8.0.52', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830375', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.30|!=8.5.31', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.30|!=8.5.31', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830374', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823319', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824359', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.49|!=8.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823308', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823314', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824358', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.27|!=8.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823307', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.45|<=8.0.47|!=8.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.45|<=8.0.47|!=8.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814827', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.16|<=8.5.23|!=8.5.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.16|<=8.5.23|!=8.5.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814826', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.46|!=8.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.46|!=8.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809921', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.22|!=8.5.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.22|!=8.5.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809673', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809675', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809896', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.44|!=8.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.44|!=8.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7675'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7675', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1796091', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.15|!=8.5.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795814', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.43|!=8.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.43|!=8.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793470', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793489', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.14|!=8.5.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.14|!=8.5.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793469', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793488', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.42|!=8.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.42|!=8.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788999', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5651'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5651', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788546', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5650'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5650', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788480', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.12|!=8.5.13', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1788932', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.41|!=8.0.42', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.41|!=8.0.42', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785776', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.11|!=8.5.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.11|!=8.5.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785775', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.39|!=8.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.39|!=8.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777469', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8747'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.7|<=8.5.9|!=8.5.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.7|<=8.5.9|!=8.5.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8747', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1774166', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.8|!=8.5.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.8|!=8.5.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1771857', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767656', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.38|!=8.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767653', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767646', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6817'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6817', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1765798', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.5.0|<=8.5.6|!=8.5.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767645', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757272', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757273', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758493', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763233', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758494', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763234', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754726', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754727', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754900', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760305', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754901', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760307', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.36|!=8.0.37|>=8.5.0|<=8.5.4|!=8.5.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758500', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758501', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.35|!=8.0.36|>=8.5.0|<=8.5.2|!=8.5.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743722', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743738', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713185', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1723506', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720658', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720660', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722800', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726196', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726203', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.30|!=8.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725929', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0+RC1|<=8.0.29|!=8.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0.RC1|<=8.0.29|!=8.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715207', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717209', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.26|!=8.0.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.26|!=8.0.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1696281', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700897', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.15|!=8.0.17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.15|!=8.0.17', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1644018', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645642', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1600984', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601329', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601330', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601332', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.8|!=8.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603770', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603775', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603779', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1609175', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659294', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.5|!=8.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.5|!=8.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1588193', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589837', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589980', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589983', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589985', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589990', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589992', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578337', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0095'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC2|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC2|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0095', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578392', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578610', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578611', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.3|!=8.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578812', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0050'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|<=8.0.1|!=8.0.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.1|!=8.0.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0050', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1565163', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|!=8.0.0-RC10|<=8.0.0-RC5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.0-RC5|!=8.0.0-RC10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521834', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549522', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=8.0.0-RC1|!=8.0.0-RC10|<=8.0.0-RC5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=8.0.0-RC1|<=8.0.0-RC5|!=8.0.0-RC10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549528', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/!=8.0.0-RC3|>=8.0.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=RC1|!=8.0.0-RC3|>=8.0.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521829', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-30640'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.108|!=7.0.109', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.108|!=7.0.109', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-30640', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-25329'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.107|!=7.0.108', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-25329', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2021-24122'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.106|!=7.0.107', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.106|!=7.0.107', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2021-24122', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-13935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.27|<=7.0.104|!=7.0.105', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.27|<=7.0.104|!=7.0.105', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-13935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-9484'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.103|!=7.0.104', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.103|!=7.0.104', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-9484', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1938'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1938', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', 'severities': [{'system': 'apache_tomcat', 'value': 'High', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba', 'severities': []}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2020-1935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2020-1935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17569'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.98|<=7.0.99|!=7.0.100', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.98|<=7.0.99|!=7.0.100', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17569', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-17563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.98|!=7.0.99', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.98|!=7.0.99', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-17563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2019-12418'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.97|!=7.0.99', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.97|!=7.0.99', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-12418', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/7f0221b904956359f2d739aa3a2b53f8c12ed8c7', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2019-0221'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.93|!=7.0.94', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2019-0221', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-11784'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.23|<=7.0.90|!=7.0.91', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.23|<=7.0.90|!=7.0.91', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-11784', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1840057', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8034'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.25|<=7.0.88|!=7.0.90', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.25|<=7.0.88|!=7.0.90', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8034', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1833760', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-8014'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.41|<=7.0.88|!=7.0.89', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.41|<=7.0.88|!=7.0.89', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-8014', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1831730', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1336'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.28|<=7.0.86|!=7.0.88', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.28|<=7.0.86|!=7.0.88', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1336', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1830376', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1305'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1305', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823322', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1824360', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2018-1304'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.84|!=7.0.85', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2018-1304', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1823309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-15706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.79|<=7.0.82|!=7.0.84', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.79|<=7.0.82|!=7.0.84', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-15706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1814828', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12617'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.81|!=7.0.82', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.81|!=7.0.82', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12617', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809978', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1809992', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1810014', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1810026', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12616'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.80|!=7.0.81', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.80|!=7.0.81', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12616', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12616', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-12615'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.79|!=7.0.81', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.79|!=7.0.81', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-12615', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804604', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1804729', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-7674'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.41|<=7.0.78|!=7.0.79', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.41|<=7.0.78|!=7.0.79', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-7674', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1795816', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5664'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.77|!=7.0.78', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.77|!=7.0.78', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5664', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793471', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1793491', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.76|!=7.0.77', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.76|!=7.0.77', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789008', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5648'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.75|!=7.0.76', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.75|!=7.0.76', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5648', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1785777', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.73|!=7.0.75', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.73|!=7.0.75', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777471', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767676', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.72|!=7.0.73', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767675', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757275', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758495', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763236', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754728', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754902', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1760309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.70|!=7.0.72', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758502', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-3092'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.69|!=7.0.70', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.69|!=7.0.70', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-3092', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1743742', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715213', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1716860', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717212', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5351'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.1|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.1|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5351', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720661', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1720663', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722801', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1726923', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727034', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0763'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.67|!=7.0.68', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0763', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1725931', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5346'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.5|<=7.0.65|!=7.0.67', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.5|<=7.0.65|!=7.0.67', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5346', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1713187', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.64|!=7.0.65', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.64|!=7.0.65', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1696284', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700898', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.57|!=7.0.59', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.57|!=7.0.59', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1644019', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645644', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1601333', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.54|!=7.0.55', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603781', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603811', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1609176', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659295', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.53|!=7.0.54', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.53|!=7.0.54', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1588199', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589997', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1590028', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1590036', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578341', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578637', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.52|!=7.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1578814', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0050'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.50|!=7.0.52', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.50|!=7.0.52', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0050', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1565169', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521864', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549523', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.47|!=7.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1549529', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.42|!=7.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.42|!=7.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1521854', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2071'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2071', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1471372', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4444'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.39|!=7.0.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4444', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1470437', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2067'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.32|!=7.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.32|!=7.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2067', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1408044', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4431'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.31|!=7.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.31|!=7.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4431', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1393088', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3544'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3544', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1378702', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1378921', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1377807', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3546'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.29|!=7.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3546', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1377892', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-2733'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-2733', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1350301', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.27|!=7.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1340218', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.22|!=7.0.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.22|!=7.0.23', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1189899', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1190372', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1190482', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1194917', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195225', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195226', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195537', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195909', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195944', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195951', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1195977', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1198641', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3375'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3375', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1176592', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3376'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.21|!=7.0.22', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3376', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1176588', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.20|!=7.0.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.20|!=7.0.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162958', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.19|!=7.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.19|!=7.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1153379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.18|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.18|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145383', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145489', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145571', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1145694', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1146005', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140070', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2481'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.16|!=7.0.19', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2481', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2481', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2011-1582'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.12|<=7.0.13|!=7.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.12|<=7.0.13|!=7.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1582', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1100832', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1475'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1475', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1086349', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1086352', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1087655', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1183'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/7.0.11|!=7.0.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/7.0.11|!=7.0.12', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1183', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1087643', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1088'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.10|!=7.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.10|!=7.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1088', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1076586', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1076587', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1077995', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1079752', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.6|!=7.0.8', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.6|!=7.0.8', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1065939', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.5|!=7.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.5|!=7.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057279', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-4172'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.4|!=7.0.5', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.4|!=7.0.5', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-4172', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1037778', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=7.0.0|<=7.0.3|!=7.0.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=7.0.0|<=7.0.3|!=7.0.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1022134', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/7.0.0|!=7.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/7.0.0|!=7.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=958911', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2017-5647'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.52|!=6.0.53', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.52|!=6.0.53', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2017-5647', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789024', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789155', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1789856', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8745'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.16|<=6.0.48|!=6.0.50', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.16|<=6.0.48|!=6.0.50', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8745', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1777472', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-8735'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-8735', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767684', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6816'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.47|!=6.0.48', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6816', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1767683', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6797'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6797', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1757285', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6796'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6796', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758496', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1763237', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-6794'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-6794', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754733', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-5018'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-5018', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1754904', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1761718', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0762'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.45|!=6.0.47', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0762', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1758506', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5174'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5174', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1700900', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2015-5345'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2015-5345', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1715216', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1717216', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0706'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0706', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1722802', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2016-0714'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.44|!=6.0.45', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2016-0714', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727166', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1727182', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0230'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0230', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659537', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-7810'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.43|!=6.0.44', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-7810', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1645366', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1659538', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.41|!=6.0.43', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.41|!=6.0.43', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1603628', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0075'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0075', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1579262', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0096'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0096', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1585853', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0099'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0099', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1580473', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0119'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.39|!=6.0.41', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0119', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1589640', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1593815', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1593821', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-1571'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-1571', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2013-4286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1552565', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4322'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4322', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1556540', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-4590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-4590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1558828', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2014-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.33|<=6.0.37|!=6.0.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.33|<=6.0.37|!=6.0.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2014-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1558822', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2013-2067'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.21|<=6.0.36|!=6.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.21|<=6.0.36|!=6.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2013-2067', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1417891', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3544'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.36|!=6.0.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.36|!=6.0.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3544', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1476592', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-2733'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-2733', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1356208', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1380829', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-3546'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3546', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1381035', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4431'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4431', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1394456', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-4534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.35|!=6.0.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-4534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1372035', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3375'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3375', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1185998', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162959', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.33|!=6.0.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1200601', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1206324', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1229027', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1158180', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140071', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1146703', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.30|<=6.0.32|!=6.0.33', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.30|<=6.0.32|!=6.0.33', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1153824', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0534'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.30|!=6.0.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.30|!=6.0.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0534', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1066313', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057270', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-4172'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.12|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.12|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-4172', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1037779', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.29|!=6.0.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1022560', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.27|!=6.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.27|!=6.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2010-1157'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.26|!=6.0.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.26|!=6.0.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-1157', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=936540', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2693'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2693', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2901'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2901', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2902'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2902', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=892815', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-3548'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.20|!=6.0.24', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-3548', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=881771', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=734734', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=742915', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=747840', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750924', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.18|!=6.0.20', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=652592', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=739522', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=673834', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1947'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1947', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=662585', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.16|!=6.0.18', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=673839', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5342'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5342', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.14|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-6286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-6286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0002'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.5|<=6.0.15|!=6.0.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.5|<=6.0.15|!=6.0.16', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0002', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3386'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.13|!=6.0.14', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3386', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.10|!=6.0.11', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.9|!=6.0.10', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.9|!=6.0.10', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.8|!=6.0.9', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.8|!=6.0.9', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=6.0.0|<=6.0.5|!=6.0.6', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=6.0.0|<=6.0.5|!=6.0.6', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2012-3439'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.35|!=5.5.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.35|!=5.5.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-3439', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1392248', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2012-0022'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.34|!=5.5.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.34|!=5.5.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2012-0022', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1221282', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1224640', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1228191', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-1184'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-1184', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1159309', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2204'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2204', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1140072', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2526'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2526', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1158244', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-2729'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.32|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.32|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-2729', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1159346', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-3190'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.33|!=5.5.34', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-3190', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1162960', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2011-0013'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.31|!=5.5.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.31|!=5.5.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2011-0013', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1057518', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-3718'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-3718', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=1027610', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-2227'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-2227', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=959428', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2010-1157'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.29|!=5.5.30', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2010-1157', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=936541', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2693'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2693', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2901'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2901', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-2902'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-2902', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=902650', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-3548'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.28|!=5.5.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-3548', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=919006', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782757', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783291', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781379', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750928', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.27|!=5.5.28', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=681156', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781542', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680947', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1947'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.9|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.9|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1947', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=662583', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.26|!=5.5.27', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680949', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5342'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.9|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.9|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5342', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-6286'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.11|<=5.5.25|!=5.5.26', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.11|<=5.5.25|!=5.5.26', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-6286', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3386'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.0|<=5.5.24|!=5.5.25', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.0|<=5.5.24|!=5.5.25,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3386', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.23|!=5.5.24', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.23|!=5.5.24,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.22|!=5.5.23', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.22|!=5.5.23,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.21|!=5.5.22', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.21|!=5.5.22,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.20|!=5.5.21,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.0+SVN|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.SVN|>=5.5.0|<=5.5.20|!=5.5.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.5.10|<=5.5.20|!=5.5.21', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.5.10|<=5.5.20|!=5.5.21', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7195'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.17|!=5.5.18', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.17|!=5.5.18,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7195', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1858'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.16|!=5.5.17', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.16|!=5.5.17,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1858', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7196'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.15|!=5.5.16', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.15|!=5.5.16,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7196', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-3835'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-3835', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-3510'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.12|!=5.5.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3510', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4838'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.6|!=5.5.7', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=5.0.0|<=5.0.30|>=5.5.0|<=5.5.6|!=5.5.7,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4838', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-3271'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/5.5.0|!=5.5.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/5.5.0|!=5.5.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-3271', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4836'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/<=4.1.0+SVN|>=4.1.15', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/<=4.1.SVN|>=4.1.15', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4836', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-5515'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-5515', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=782763', 'severities': []}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=783292', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0033'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0033', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781362', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0580'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0580', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781382', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0781'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0781', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=750927', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2009-0783'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.39|!=4.1.40', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2009-0783', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=781708', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-0128'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-0128', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=684900', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-1232'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-1232', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680947', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2008-2370'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.37|!=4.1.39', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-2370', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}, {'reference_id': '', 'url': 'https://svn.apache.org/viewvc?view=rev&rev=680950', 'severities': []}], 'date_published': None} -{'aliases': ['CVE-2005-3164'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3164', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1355'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1355', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2449'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2449', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-2450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.1|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-2450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3383'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3383', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5333'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5333', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-5461'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.36|!=4.1.37', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-5461', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-2090'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-2090', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-0450'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-0450', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1358'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.34|!=4.1.36', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1358', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-4308'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.32|<=4.1.34|!=4.1.35', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-4308', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2008-3271'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2008-3271', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-1858'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.28|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.28|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-1858', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-7196'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-7196', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2006-3835'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2006-3835', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-4838'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-4838', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-3510'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|>=4.1.0|<=4.1.31|!=4.1.32', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-3510', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1567'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.1.0|<=4.1.28|!=4.1.29', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.1.0|<=4.1.28|!=4.1.29', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1567', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1567', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1394'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1394', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0682'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.5|>=4.1.0|<=4.1.12|!=4.1.13,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0682', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-1148'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.4|>=4.1.0|<=4.1.11|!=4.1.12', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.4|>=4.1.0|<=4.1.11|!=4.1.12,', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-1148', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0935'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.2|4.0.3|>=4.0.4|<=4.0.6|>=4.1.0|<=4.1.2|!=4.1.3', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0935', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0866'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0866', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.6|!=4.1.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2009'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2009', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0917'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=4.0.0|<=4.0.1|!=4.0.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0917', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-0493'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/!=4.0.0|<4.0.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/!=4.0.0|<4.0.0', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-0493', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2005-0808'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2005-0808', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3382'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3382', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3384'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3384', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2007-3385'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.3.0|<=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.3|<=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2007-3385', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0044'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|<=3.3.1-a|!=3.3.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1a|!=3.3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0044', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0043'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|!=3.3.1-a|<=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1|!=3.3.1a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0043', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0042'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|>=3.3.0-a|!=3.3.1-a|<=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|>=3.3a|<=3.3.1|!=3.3.1a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0042', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2003-0045'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|3.3.0-a|!=3.3.1', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.4|3.3a|!=3.3.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2003-0045', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2007'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.2.3|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.2.3|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2007', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2002-2006'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2002-2006', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0760'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.4|!=3.3.0-a', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/>=3.1|<=3.1.1|>=3.2|<=3.2.4|!=3.3a', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0760', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-1563'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.2.0|3.2.1|>=3.2.2|<=3.2.3|!=3.2.4', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.2|3.2.1|>=3.2.2|<=3.2.3|!=3.2.4', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-1563', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0829'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.1|!=3.2.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.1|!=3.2.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0829', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2001-0590'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|>=3.1.0|<=3.1.1|>=3.2.0|<=3.2.1|!=3.2.2', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|>=3.1|<=3.1.1|>=3.2|<=3.2.1|!=3.2.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2001-0590', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590', 'severities': [{'system': 'apache_tomcat', 'value': 'Moderate', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0759'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.1.0|!=3.2.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.1|!=3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0759', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759', 'severities': [{'system': 'apache_tomcat', 'value': 'Low', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-0672'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.1.0|!=3.2.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.1|!=3.2', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-0672', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} -{'aliases': ['CVE-2000-1210'], 'summary': '', 'affected_packages': [{'package': {'type': 'apache', 'namespace': None, 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:apache/3.0.0|!=3.1.0', 'fixed_version': None}, {'package': {'type': 'maven', 'namespace': 'org.apache.tomcat', 'name': 'tomcat', 'version': None, 'qualifiers': None, 'subpath': None}, 'affected_version_range': 'vers:maven/3.0|!=3.1', 'fixed_version': None}], 'references': [{'reference_id': 'CVE-2000-1210', 'url': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210', 'severities': [{'system': 'apache_tomcat', 'value': 'Important', 'scoring_elements': ''}]}], 'date_published': None} diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test03-2023-01-06-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test03-2023-01-06-00.txt deleted file mode 100644 index 4915f8ba7..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_advisories_test03-2023-01-06-00.txt +++ /dev/null @@ -1,452 +0,0 @@ -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25329'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25329', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8014'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8014', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1831726', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-3092'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.2')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.2')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-3092', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743722', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743738', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-5515'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-5515', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=782757', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=783291', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0033'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0033', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781362', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0580'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0580', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781379', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0781'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0781', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=750928', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0783'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0783', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=681156', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781542', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2005-4836'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.SVN')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.15')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.SVN')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.15')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-4836', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-4308'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.32')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.32')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-4308', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-0935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.2')), VersionConstraint(comparator='=', version=SemverVersion(string='4.0.3')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.4')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.2')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.2')), VersionConstraint(comparator='=', version=MavenVersion(string='4.0.3')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.4')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.2')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-0935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2007'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.2.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.2.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2007', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2006'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2006', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2000-0760'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2000-0760', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2022-42252'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.27')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.27')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-42252', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-45143'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-45143', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/6a0ac6a438cbbb66b6e9c5223842f53bf0cb50aa', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-42252'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.1')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-42252', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-34305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.22')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.23')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.22')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.23')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-34305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-34305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0-M16')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.0-M17')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0-M16')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.0-M17')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-34305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-29885'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-29885', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-29885'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0-M14')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.0-M15')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0-M14')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.0-M15')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-29885', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-43980'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-43980', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-43980'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0-M12')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.0-M14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0-M12')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.0-M14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-43980', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-23181'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M5')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.14')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M5')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.14')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-23181', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/094800b12d6c958d7b4540372c5a95698658ada1', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-23181'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.0-M10')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0-M8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0-M8')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.0-M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-23181', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/70da1aaa51e0f9d088438e9d958812a144e12754', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-42340'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M10')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M10')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-42340', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90b4fb9', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-42340'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.1.0-M5')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.1.0-M6')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.1.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.1.0-M5')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.1.0-M6')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-42340', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db7810371', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-33037'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.7')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.7')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-33037', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/eee0d024c1b3171560c92eaba79dd6eb8eb11bcd', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/506134f957a4be2c5b4a9334f7b3435fc954dbc1', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/19d11556d0db99df291df33605f137976d152475', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30640'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.5')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.6')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.5')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.6')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30640', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30639'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30639', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b59099e4ca501a039510334ebe1024971cd6f959', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-41079'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.2')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.4')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.2')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.4')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-41079', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25329'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25329', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-24122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M10')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-24122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/7f004ac4531c45f9a2a2d1470561fe135cf27bc2', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-17527'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M10')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-17527', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13943'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M7')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M7')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13943', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1bbc650cbc3f08d85a1ec6d803c47ae53a84f3bb', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M6')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M7')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M6')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M7')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13934'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M6')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M7')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M6')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M7')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13934', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-11996'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M5')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M6')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M5')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M6')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-11996', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9434a44d3449d620b1be70206819f8275b4a7509', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='10.0.0-M4')), VersionConstraint(comparator='!=', version=SemverVersion(string='10.0.0-M5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='10.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='10.0.0-M4')), VersionConstraint(comparator='!=', version=MavenVersion(string='10.0.0-M5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-45143'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.40')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.68')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.69')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.40')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.68')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.69')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-45143', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b336f4e58893ea35114f1e4a415657f723b1298e', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-42252'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-42252', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-34305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.30')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.64')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.65')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.30')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.64')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.65')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-34305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-29885'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.13')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.62')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.63')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.13')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.62')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.63')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-29885', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-43980'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.60')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.62')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.60')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.62')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-43980', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-23181'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.35')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.56')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.58')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.35')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.56')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.58')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-23181', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1385c624b4a1e994426e810075c850edc38a700e', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-42340'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.40')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.53')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.54')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.40')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.53')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.54')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-42340', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-33037'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.46')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.48')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.46')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.48')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-33037', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/a2c3dc4c96168743ac0bab613709a5bbdaec41d0', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30640'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.46')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.46')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30640', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30639'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30639', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-41079'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.43')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.44')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.43')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.44')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-41079', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25329'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25329', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-24122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-24122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/935fc5582dc25ae10bab6f9d5629ff8d996cb533', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-17527'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0-M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-17527', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13943'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.38')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.38')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13943', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13934'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M5')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M5')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13934', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-11996'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-11996', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1938'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.31')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.31')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1938', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.31')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.31')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17569'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.28')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.31')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.28')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.31')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17569', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17563'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17563', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-12418'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-12418', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-25762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-25762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-10072'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.19')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.19')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-10072', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/7f748eb6bfaba5207c89dbd7d5adf50fae847145', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/ada725a50a60867af3422c8e612aecaeea856a9a', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.17')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.17')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4b244d827ade2a36ef3b8734939541207b78f35c', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0221'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.17')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.17')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0221', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/15fcd166ea2c1bb79e8541b8e1a43da9c452ceea', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0199'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.14')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.14')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0199', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852698', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852699', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852700', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852701', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852702', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852703', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852704', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852705', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852706', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/a1cb1ac77e3a8fec1b00eb0e944842555da14f7d', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-11784'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-11784', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1840055', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8034'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8034', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833757', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8037'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8037', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833825', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833831', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1837530', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833906', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8014'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8014', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1831726', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1336'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.7')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.7')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1336', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1830373', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823310', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1824323', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1304'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1304', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823306', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-15706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M22')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M22')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-15706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1814825', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12617'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.1')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12617', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809669', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809674', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809684', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809711', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7675'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M21')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M22')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M21')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M22')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7675', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1796090', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7674'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M21')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M22')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M21')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M22')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7674', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1795813', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5664'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M20')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M20')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5664', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793468', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793487', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5651'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5651', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788544', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5650'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5650', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788460', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5647'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M18')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5647', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788890', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5648'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M17')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M18')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M17')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M18')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5648', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1785774', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8747'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M11')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M15')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M17')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M11')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M15')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M17')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8747', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1774161', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8745'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M13')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M15')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M13')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M15')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8745', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1771853', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8735'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8735', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767644', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6817'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6817', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1765794', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6816'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M11')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6816', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767641', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6797'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6797', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1757271', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6796'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6796', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758487', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1763232', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6794'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6794', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754445', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-5018'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-5018', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754714', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1760300', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M9')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758499', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-3092'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M6')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M6')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-3092', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743700', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0763'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=SemverVersion(string='9.0.0.M2')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='<=', version=MavenVersion(string='9.0.0.M2')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0763', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1725926', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5345'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5345', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1715206', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1716882', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1716894', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5346'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5346', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1713184', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1723414', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5351'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5351', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720652', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720655', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1722799', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0714'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=SemverVersion(string='9.0.0.M3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='9.0.0.M1')), VersionConstraint(comparator='!=', version=MavenVersion(string='9.0.0.M3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0714', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1725263', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1725914', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-45143'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='8.5.83')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.84')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='8.5.83')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.84')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-45143', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45143', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0cab3a56bd89f70e7481bb0d68395dc7e130dbbf', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-42252'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.82')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.83')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.82')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.83')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-42252', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-34305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.50')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.81')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.82')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.50')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.81')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.82')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-34305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-29885'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.38')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.78')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.79')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.38')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.78')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.79')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-29885', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-43980'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.77')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.78')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.77')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.78')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-43980', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-25762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.75')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.76')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.75')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.76')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-25762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/01f2cf25b270a84d0daeefc4f215aa2f56e1df99', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2022-23181'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.55')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.73')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.75')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.55')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.73')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.75')))), fixed_version=None)], references=[Reference(reference_id='CVE-2022-23181', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/97943959ba721ad5e8e8ba765a68d2b153348530', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-42340'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.60')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.71')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.60')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.71')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-42340', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-33037'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.66')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.66')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-33037', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33037', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/3202703e6d635e39b74262e81f0cb4bcbe2170dc', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/da0e7cb093cf68b052d9175e469dbd0464441b0b', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8874fa02e9b36baa9ca6b226c0882c0190ca5a02', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30640'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.65')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.66')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.65')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.66')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30640', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30639'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='8.5.64')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.65')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='8.5.64')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.65')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30639', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30639', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-41079'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.63')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.64')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.63')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.64')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-41079', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.63')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.63')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25329'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.63')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.63')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25329', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.63')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.61')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.63')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-24122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.59')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.60')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.59')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.60')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-24122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/920dddbdb981f92e8d5872a4bb126a10af5ca8a9', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-17527'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.59')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.60')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.59')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.60')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-17527', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13943'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.57')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.58')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.57')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.58')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13943', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4dcb292a', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.56')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.57')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.56')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.57')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13934'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.56')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.57')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.56')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.57')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13934', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-11996'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.55')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.56')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.55')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.56')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-11996', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.54')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.55')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.54')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.55')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1938'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.51')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.51')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1938', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/5a5494f023e81aa353e262fb14fff4cd0338a67c', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.51')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.51')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17569'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.48')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.51')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.48')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.50')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.51')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17569', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17563'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.49')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.49')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17563', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-12418'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.49')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.49')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-12418', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-10072'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.40')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.40')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-10072', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0bcd69c9dd8ae0ff424f2cd46de51583510b7f35', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/8d14c6f21d29768a39be4b6b9517060dc6606758', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/5bc4e6d7b1c22dc1bf99f475b7e70594ebdd83b9', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0221'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0221', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4fcdf706f3ecf35912a600242f89637f5acb32da', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0199'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.38')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.38')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0199', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852707', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852711', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852712', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852713', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852714', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852715', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852717', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852718', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852719', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852722', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852723', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1852724', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/60a3af1738879ec06fac1ecb8a149608782f7cc9', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-11784'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-11784', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1840056', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8034'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8034', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833759', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8014'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8014', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1831729', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8037'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.5')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.5')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8037', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833826', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833832', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1837531', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833907', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8034'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8034', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833758', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8014'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8014', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1831728', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1336'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.51')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.52')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.51')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.52')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1336', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1830375', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1336'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.31')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.31')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1336', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1830374', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.49')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.49')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823319', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1824359', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1304'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.49')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.49')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1304', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823308', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823314', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1824358', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1304'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1304', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823307', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-15706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.45')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.48')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.45')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.48')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-15706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1814827', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-15706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.16')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.23')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.24')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.16')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.23')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.24')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-15706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1814826', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12617'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.46')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.46')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12617', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809921', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12617'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.22')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.23')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.22')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.23')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12617', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809673', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809675', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809896', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7674'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7674', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1795815', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7675'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7675', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1796091', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7674'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7674', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1795814', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5664'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.43')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.44')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.43')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.44')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5664', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793470', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793489', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5664'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.14')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.15')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.14')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.15')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5664', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793469', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793488', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5647'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.42')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.42')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5647', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788999', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5651'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5651', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788546', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5650'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5650', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788480', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5647'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.13')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.13')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5647', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1788932', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5648'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.42')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.42')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5648', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1785776', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5648'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5648', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1785775', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8745'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8745', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1777469', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8747'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.7')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.9')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.11')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.7')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.9')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.11')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8747', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8747', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1774166', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8745'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8745', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1771857', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8735'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.38')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.38')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8735', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767656', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6816'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.38')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.38')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6816', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767653', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8735'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8735', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767646', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6817'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6817', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6817', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1765798', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6816'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6816', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767645', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6797'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6797', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1757272', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1757273', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6796'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6796', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758493', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1763233', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758494', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1763234', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6794'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6794', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754726', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754727', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-5018'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-5018', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754900', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1760305', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754901', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1760307', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.37')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758500', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758501', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-3092'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.36')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.5.2')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.5.3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.36')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.5.2')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.5.3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-3092', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743722', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743738', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5346'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5346', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1713185', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1723506', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5351'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5351', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720658', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720660', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1722800', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0714'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0714', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1726196', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1726203', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0763'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0763', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1725929', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5345'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0.RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5345', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1715207', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1717209', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5174'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.27')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.27')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5174', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1696281', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1700897', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-7810'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.17')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.17')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-7810', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1644018', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1645642', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1600984', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1601329', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1601330', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1601332', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0230'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0230', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603770', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603775', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603779', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1609175', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1659294', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0119'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.5')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.5')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0119', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1588193', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589837', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589980', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589983', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589985', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589990', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589992', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0075'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0075', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578337', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0095'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC2')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC2')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0095', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0095', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578392', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0096'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0096', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578610', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578611', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0099'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0099', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578812', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0050'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0050', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1565163', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4322'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.0-RC10')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.0-RC5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.0-RC5')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.0-RC10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4322', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1521834', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1549522', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4590'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0-RC1')), VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.0-RC10')), VersionConstraint(comparator='<=', version=SemverVersion(string='8.0.0-RC5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0-RC1')), VersionConstraint(comparator='<=', version=MavenVersion(string='8.0.0-RC5')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.0-RC10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4590', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1549528', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4286'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='!=', version=SemverVersion(string='8.0.0-RC3')), VersionConstraint(comparator='>=', version=SemverVersion(string='8.0.0')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='<=', version=MavenVersion(string='RC1')), VersionConstraint(comparator='!=', version=MavenVersion(string='8.0.0-RC3')), VersionConstraint(comparator='>=', version=MavenVersion(string='8.0.0')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4286', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1521829', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-30640'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.108')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.109')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.108')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.109')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-30640', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.107')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.108')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.107')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.108')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-25329'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.107')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.108')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.107')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.108')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-25329', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2021-24122'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.106')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.107')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.106')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.107')))), fixed_version=None)], references=[Reference(reference_id='CVE-2021-24122', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/800b03140e640f8892f27021e681645e8e320177', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-13935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.27')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.104')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.105')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.27')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.104')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.105')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-13935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/f9f75c14678b68633f79030ddf4ff827f014cc84', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/4c04982870d6e730c38e21e58fb653b7cf723784', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-9484'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.103')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.104')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.103')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.104')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-9484', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1938'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.100')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.100')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1938', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='High', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba', severities=[]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2020-1935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.100')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.100')))), fixed_version=None)], references=[Reference(reference_id='CVE-2020-1935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17569'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.98')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.100')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.98')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.99')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.100')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17569', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17569', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-17563'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.98')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.99')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.98')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.99')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-17563', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2019-12418'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.97')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.99')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.97')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.99')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-12418', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.93')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.94')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.93')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.94')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/7f0221b904956359f2d739aa3a2b53f8c12ed8c7', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2019-0221'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.93')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.94')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.93')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.94')))), fixed_version=None)], references=[Reference(reference_id='CVE-2019-0221', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://github.com/apache/tomcat/commit/44ec74c44dcd05cd7e90967c04d40b51440ecd7e', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-11784'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.23')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.90')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.91')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.23')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.90')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.91')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-11784', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1840057', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8034'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.25')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.88')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.90')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.25')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.88')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.90')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8034', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1833760', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-8014'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.41')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.88')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.89')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.41')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.88')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.89')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-8014', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1831730', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1336'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.28')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.86')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.88')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.28')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.86')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.88')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1336', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1830376', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1305'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.84')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.85')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.84')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.85')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1305', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823322', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1824360', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2018-1304'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.84')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.85')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.84')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.85')))), fixed_version=None)], references=[Reference(reference_id='CVE-2018-1304', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1823309', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-15706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.79')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.82')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.84')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.79')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.82')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.84')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-15706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1814828', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12617'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.81')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.82')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.81')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.82')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12617', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809978', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1809992', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1810014', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1810026', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12616'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.80')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.81')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.80')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.81')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12616', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12616', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1804729', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-12615'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.79')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.81')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.79')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.81')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-12615', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1804604', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1804729', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-7674'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.41')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.78')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.79')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.41')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.78')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.79')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-7674', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1795816', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5664'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.77')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.78')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.77')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.78')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5664', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793471', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1793491', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5647'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.76')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.77')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.76')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.77')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5647', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1789008', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5648'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.75')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.76')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.75')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.76')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5648', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1785777', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8745'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.73')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.75')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.73')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.75')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8745', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1777471', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8735'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.72')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.73')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.72')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.73')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8735', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767676', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6816'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.72')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.73')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.72')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.73')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6816', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767675', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6797'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6797', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1757275', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6796'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6796', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758495', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1763236', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6794'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6794', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754728', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-5018'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-5018', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754902', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1760309', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.72')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.70')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.72')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758502', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-3092'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.69')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.70')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.69')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.70')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-3092', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1743742', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5345'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5345', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1715213', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1716860', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1717212', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5351'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5351', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720661', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1720663', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1722801', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0714'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0714', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1726923', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1727034', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0763'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.68')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.67')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.68')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0763', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1725931', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5346'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.5')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.65')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.67')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.5')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.65')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.67')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5346', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1713187', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5174'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.64')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.65')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.64')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.65')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5174', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1696284', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1700898', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-7810'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.57')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.59')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.57')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.59')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-7810', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1644019', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1645644', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.54')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.55')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.54')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.55')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1601333', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0230'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.54')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.55')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.54')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.55')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0230', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603781', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603811', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1609176', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1659295', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0119'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.53')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.54')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.53')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.54')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0119', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1588199', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589997', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1590028', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1590036', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0075'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0075', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578341', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0096'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0096', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578637', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578655', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0099'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0099', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1578814', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0050'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.50')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.52')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.50')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.52')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0050', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1565169', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4322'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4322', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1521864', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1549523', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4590'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4590', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1549529', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4286'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.42')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.42')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4286', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1521854', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-2071'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-2071', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1471372', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4444'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4444', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1470437', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-2067'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.32')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.33')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.32')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.33')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-2067', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1408044', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-4431'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-4431', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1393088', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3544'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3544', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1378702', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1378921', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3439'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3439', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1377807', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3546'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3546', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1377892', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-2733'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-2733', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1350301', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-4534'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-4534', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1340218', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-0022'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.22')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.23')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.22')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.23')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-0022', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1189899', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1190372', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1190482', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1194917', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195225', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195226', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195537', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195909', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195944', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195951', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1195977', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1198641', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3375'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.21')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.22')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.21')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.22')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3375', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1176592', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3376'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.21')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.22')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.21')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.22')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3376', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1176588', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3190'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3190', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1162958', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2729'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.19')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.19')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2729', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1153379', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2526'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2526', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1145383', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1145489', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1145571', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1145694', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1146005', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2204'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2204', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1140070', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2481'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.19')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.19')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2481', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2481', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1582'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.12')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.12')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1582', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1100832', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1475'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1475', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1086349', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1086352', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1184'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1184', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1087655', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1183'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.12')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='7.0.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.12')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1183', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1087643', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1088'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.10')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.11')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.10')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.11')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1088', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1076586', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1076587', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1077995', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1079752', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-0534'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.8')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.8')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-0534', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1065939', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-0013'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.5')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.6')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.5')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.6')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-0013', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1057279', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-4172'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.5')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.5')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-4172', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1037778', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-3718'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='7.0.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.4')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='7.0.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.4')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-3718', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1022134', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-2227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='7.0.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='7.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='7.0.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='7.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-2227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=958911', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2017-5647'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.52')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.53')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.52')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.53')))), fixed_version=None)], references=[Reference(reference_id='CVE-2017-5647', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1789024', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1789155', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1789856', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8745'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.16')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.48')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.50')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.16')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.48')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.50')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8745', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1777472', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-8735'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.48')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.48')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-8735', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767684', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6816'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.47')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.48')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.47')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.48')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6816', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1767683', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6797'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6797', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1757285', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6796'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6796', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758496', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1763237', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-6794'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-6794', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754733', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-5018'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-5018', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1754904', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1761718', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0762'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.47')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.45')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.47')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0762', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1758506', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5174'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5174', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1700900', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2015-5345'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2015-5345', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1715216', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1717216', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0706'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0706', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1722802', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2016-0714'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.45')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.44')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.45')))), fixed_version=None)], references=[Reference(reference_id='CVE-2016-0714', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1727166', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1727182', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0230'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.43')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.44')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.43')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.44')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0230', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1659537', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-7810'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.43')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.44')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.43')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.44')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-7810', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1645366', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1659538', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.41')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.43')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.41')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.43')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1603628', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0075'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0075', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1579262', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0096'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0096', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1585853', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0099'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0099', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1580473', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0119'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.41')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.41')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0119', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1589640', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1593815', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1593821', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-1571'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-1571', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4286'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4286', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1552565', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4322'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4322', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1556540', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-4590'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-4590', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1558828', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2014-0033'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.33')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.33')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2014-0033', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1558822', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2013-2067'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.21')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.21')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2013-2067', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1417891', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3544'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3544', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1476592', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-2733'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-2733', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1356208', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3439'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3439', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1380829', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3546'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3546', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1381035', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-4431'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-4431', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1394456', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-4534'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-4534', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1372035', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3375'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3375', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1185998', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3190'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3190', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1162959', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-0022'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-0022', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1200601', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1206324', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1229027', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1184'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.33')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.33')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1184', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1158180', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2204'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.33')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.33')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2204', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1140071', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2526'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.33')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.33')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2526', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1146703', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2729'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.33')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.30')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.32')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.33')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2729', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1153824', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-0534'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.30')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.30')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-0534', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1066313', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-0013'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-0013', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1057270', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-4172'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.12')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.12')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-4172', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1037779', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-3718'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-3718', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1022560', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-2227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-2227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2010-1157'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-1157', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=936540', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2693'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.24')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.24')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2693', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=892815', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2901'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.24')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.24')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2901', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=892815', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2902'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.24')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.24')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2902', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=892815', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-3548'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.24')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.24')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-3548', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=881771', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-5515'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-5515', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=734734', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0033'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0033', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=742915', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0580'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0580', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=747840', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0781'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0781', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=750924', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0783'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.20')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.18')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.20')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0783', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=652592', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=739522', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-1232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.18')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.18')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-1232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=673834', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-1947'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.18')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.18')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-1947', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=662585', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-2370'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.18')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.18')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-2370', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=673839', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5333'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.14')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.14')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5333', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5342'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5342', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5461'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.14')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.14')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5461', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-6286'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-6286', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-0002'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.5')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.16')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.5')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.16')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-0002', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2449'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2449', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3382'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3382', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3385'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3385', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3386'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.14')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.13')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.14')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3386', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1355'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.10')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.11')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.10')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.11')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1355', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-2090'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.10')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.11')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.10')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.11')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-2090', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-0450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.9')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.10')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.9')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.10')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-0450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-0128'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.8')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.9')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.8')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.9')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-0128', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1358'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='6.0.5')), VersionConstraint(comparator='!=', version=SemverVersion(string='6.0.6')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='6.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='6.0.5')), VersionConstraint(comparator='!=', version=MavenVersion(string='6.0.6')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1358', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2012-3439'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.35')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.35')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-3439', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1392248', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2012-0022'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2012-0022', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1221282', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1224640', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1228191', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-1184'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-1184', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1159309', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2204'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2204', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1140072', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2526'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2526', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1158244', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-2729'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.32')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.32')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-2729', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1159346', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-3190'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.34')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.33')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.34')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-3190', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1162960', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2011-0013'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2011-0013', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1057518', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-3718'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-3718', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=1027610', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-2227'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-2227', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=959428', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2010-1157'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.30')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.29')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.30')))), fixed_version=None)], references=[Reference(reference_id='CVE-2010-1157', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=936541', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2693'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2693', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=902650', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2901'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2901', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=902650', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-2902'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-2902', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=902650', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-3548'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-3548', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=919006', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-5515'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-5515', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=782757', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=783291', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0033'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0033', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781362', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0580'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0580', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781379', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0781'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0781', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=750928', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0783'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.28')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.27')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.28')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0783', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=681156', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781542', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-1232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.27')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.27')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-1232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=680947', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-1947'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.9')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.27')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.9')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.27')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-1947', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=662583', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-2370'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.27')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.26')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.27')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-2370', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=680949', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5333'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.26')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.26')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5333', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5342'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.9')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.26')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.9')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.26')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5342', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5461'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.26')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.26')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5461', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-6286'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.11')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.26')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.11')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.25')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.26')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-6286', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2449'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.25,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.25,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2449', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.25,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.25,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3382'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.25,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.25,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3382', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3385'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.25,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.25,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3385', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3386'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.25,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.24')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.25,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3386', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1355'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.23')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.24,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.23')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.24,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1355', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-2090'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.22')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.23,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.22')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.23,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-2090', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-0450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.21')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.22,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.21')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.22,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-0450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1358'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.21,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.21,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1358', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-0128'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.SVN')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.SVN')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-0128', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-4308'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.10')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.21')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.10')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.20')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.21')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-4308', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2006-7195'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.17')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.18,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.17')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.18,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2006-7195', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1858'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.16')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.17,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.16')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.17,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1858', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2006-7196'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.15')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.16,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.15')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.16,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2006-7196', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2006-3835'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.13,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.13,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2006-3835', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-3510'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.13,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.13,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-3510', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-4838'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='5.5.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.7,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='5.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.0.30')), VersionConstraint(comparator='>=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='5.5.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.7,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-4838', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-3271'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='5.5.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='5.5.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='5.5.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='5.5.1')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-3271', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-4836'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.SVN')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.15')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.SVN')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.15')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-4836', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4836', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-5515'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-5515', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=782763', severities=[]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=783292', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0033'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0033', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781362', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0580'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0580', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781382', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0781'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0781', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=750927', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2009-0783'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.40')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.39')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.40')))), fixed_version=None)], references=[Reference(reference_id='CVE-2009-0783', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=781708', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-0128'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-0128', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=684900', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-1232'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-1232', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=680947', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2008-2370'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.39')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.37')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.39')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-2370', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')]), Reference(reference_id='', url='https://svn.apache.org/viewvc?view=rev&rev=680950', severities=[])], date_published=None) -AdvisoryData(aliases=['CVE-2005-3164'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-3164', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1355'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1355', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2449'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2449', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-2450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-2450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3382'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3382', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3383'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3383', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3383', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3385'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3385', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5333'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5333', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-5461'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.37')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.36')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.37')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-5461', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-2090'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-2090', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-0450'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-0450', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1358'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.36')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.36')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1358', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-4308'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.32')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.35')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.32')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.34')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.35')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-4308', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4308', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2008-3271'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2008-3271', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-1858'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.28')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.28')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-1858', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2006-7196'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2006-7196', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2006-3835'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2006-3835', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-4838'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-4838', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-3510'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.32')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.31')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.32')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-3510', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-1567'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.28')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.29')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.28')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.29')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-1567', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1567', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-1394'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.5')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.13,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.5')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.13,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-1394', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1394', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-0682'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.5')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.12')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.13,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.5')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.12')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.13,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-0682', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0682', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-1148'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.4')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.11')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.12,')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.4')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.11')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.12,')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-1148', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1148', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-0935'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.2')), VersionConstraint(comparator='=', version=SemverVersion(string='4.0.3')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.4')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=SemverVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.1.2')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.3')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.2')), VersionConstraint(comparator='=', version=MavenVersion(string='4.0.3')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.4')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='>=', version=MavenVersion(string='4.1.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.1.2')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.3')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-0935', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0935', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2003-0866'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.0')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.0')))), fixed_version=None)], references=[Reference(reference_id='CVE-2003-0866', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0866', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2006'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.6')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.1.0')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.6')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.1.0')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2006', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2009'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2009', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2009', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2001-0917'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=SemverVersion(string='4.0.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='4.0.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<=', version=MavenVersion(string='4.0.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='4.0.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2001-0917', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0917', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-0493'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='!=', version=SemverVersion(string='4.0.0')), VersionConstraint(comparator='<', version=SemverVersion(string='4.0.0')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='!=', version=MavenVersion(string='4.0.0')), VersionConstraint(comparator='<', version=MavenVersion(string='4.0.0')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-0493', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0493', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2005-0808'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.3a')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.3a')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2005-0808', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0808', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3382'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3382', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3384'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3384', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3384', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2007-3385'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2007-3385', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2003-0044'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.3a')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.1a')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.3a')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.1a')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2003-0044', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0044', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2003-0043'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.3a')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3.1a')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.3a')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3.1a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2003-0043', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0043', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2003-0042'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.3a')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3.1a')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.3.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.3a')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.3.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3.1a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2003-0042', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0042', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2003-0045'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='=', version=SemverVersion(string='3.3a')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='=', version=MavenVersion(string='3.3a')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3.1')))), fixed_version=None)], references=[Reference(reference_id='CVE-2003-0045', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0045', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2007'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.2.3')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.2.3')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2007', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2007', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2002-2006'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2002-2006', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2000-0760'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.3a')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.4')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.3a')))), fixed_version=None)], references=[Reference(reference_id='CVE-2000-0760', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0760', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2001-1563'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='=', version=SemverVersion(string='3.2.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.3')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.2.4')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='=', version=MavenVersion(string='3.2.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.3')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.2.4')))), fixed_version=None)], references=[Reference(reference_id='CVE-2001-1563', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1563', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2001-0829'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.2.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.2.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2001-0829', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2001-0590'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=SemverVersion(string='3.2')), VersionConstraint(comparator='<=', version=SemverVersion(string='3.2.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.2.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.1.1')), VersionConstraint(comparator='>=', version=MavenVersion(string='3.2')), VersionConstraint(comparator='<=', version=MavenVersion(string='3.2.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.2.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2001-0590', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Moderate', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2000-0759'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2000-0759', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0759', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Low', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2000-0672'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.1')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.2')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.1')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.2')))), fixed_version=None)], references=[Reference(reference_id='CVE-2000-0672', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0672', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) -AdvisoryData(aliases=['CVE-2000-1210'], summary='', affected_packages=[AffectedPackage(package=PackageURL(type='apache', namespace=None, name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=ApacheVersionRange(constraints=(VersionConstraint(comparator='=', version=SemverVersion(string='3.0')), VersionConstraint(comparator='!=', version=SemverVersion(string='3.1')))), fixed_version=None), AffectedPackage(package=PackageURL(type='maven', namespace='org.apache.tomcat', name='tomcat', version=None, qualifiers={}, subpath=None), affected_version_range=MavenVersionRange(constraints=(VersionConstraint(comparator='=', version=MavenVersion(string='3.0')), VersionConstraint(comparator='!=', version=MavenVersion(string='3.1')))), fixed_version=None)], references=[Reference(reference_id='CVE-2000-1210', url='https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1210', severities=[VulnerabilitySeverity(system=ScoringSystem(identifier='apache_tomcat', name='Apache Tomcat Severity', url='https://tomcat.apache.org/security-impact.html', notes=''), value='Important', scoring_elements='')])], date_published=None) diff --git a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_cves-2023-01-04-00.txt b/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_cves-2023-01-04-00.txt deleted file mode 100644 index 0b46de281..000000000 --- a/vulnerabilities/tests/test_data/apache_tomcat/trace/record_of_all_reported_cves-2023-01-04-00.txt +++ /dev/null @@ -1,452 +0,0 @@ -CVE-2020-9484 -CVE-2021-25329 -CVE-2021-25122 -CVE-2020-9484 -CVE-2018-8014 -CVE-2016-3092 -CVE-2008-5515 -CVE-2009-0033 -CVE-2009-0580 -CVE-2009-0781 -CVE-2009-0783 -CVE-2005-4836 -CVE-2008-4308 -CVE-2002-0935 -CVE-2002-2007 -CVE-2002-2006 -CVE-2000-0760 -CVE-2022-42252 -CVE-2022-45143 -CVE-2022-42252 -CVE-2022-34305 -CVE-2022-34305 -CVE-2022-29885 -CVE-2022-29885 -CVE-2021-43980 -CVE-2021-43980 -CVE-2022-23181 -CVE-2022-23181 -CVE-2021-42340 -CVE-2021-42340 -CVE-2021-33037 -CVE-2021-30640 -CVE-2021-30639 -CVE-2021-41079 -CVE-2020-9484 -CVE-2021-25329 -CVE-2021-25122 -CVE-2021-24122 -CVE-2020-17527 -CVE-2020-13943 -CVE-2020-13935 -CVE-2020-13934 -CVE-2020-11996 -CVE-2020-9484 -CVE-2022-45143 -CVE-2022-42252 -CVE-2022-34305 -CVE-2022-29885 -CVE-2021-43980 -CVE-2022-23181 -CVE-2021-42340 -CVE-2021-33037 -CVE-2021-30640 -CVE-2021-30639 -CVE-2021-41079 -CVE-2020-9484 -CVE-2021-25329 -CVE-2021-25122 -CVE-2021-24122 -CVE-2020-17527 -CVE-2020-13943 -CVE-2020-13935 -CVE-2020-13934 -CVE-2020-11996 -CVE-2020-9484 -CVE-2020-1938 -CVE-2020-1935 -CVE-2019-17569 -CVE-2019-17563 -CVE-2019-12418 -CVE-2022-25762 -CVE-2019-10072 -CVE-2019-0232 -CVE-2019-0221 -CVE-2019-0199 -CVE-2018-11784 -CVE-2018-8034 -CVE-2018-8037 -CVE-2018-8014 -CVE-2018-1336 -CVE-2018-1305 -CVE-2018-1304 -CVE-2017-15706 -CVE-2017-12617 -CVE-2017-7675 -CVE-2017-7674 -CVE-2017-5664 -CVE-2017-5651 -CVE-2017-5650 -CVE-2017-5647 -CVE-2017-5648 -CVE-2016-8747 -CVE-2016-8745 -CVE-2016-8735 -CVE-2016-6817 -CVE-2016-6816 -CVE-2016-6797 -CVE-2016-6796 -CVE-2016-6794 -CVE-2016-5018 -CVE-2016-0762 -CVE-2016-3092 -CVE-2016-0763 -CVE-2015-5345 -CVE-2015-5346 -CVE-2015-5351 -CVE-2016-0706 -CVE-2016-0714 -CVE-2022-45143 -CVE-2022-42252 -CVE-2022-34305 -CVE-2022-29885 -CVE-2021-43980 -CVE-2022-25762 -CVE-2022-23181 -CVE-2021-42340 -CVE-2021-33037 -CVE-2021-30640 -CVE-2021-30639 -CVE-2021-41079 -CVE-2020-9484 -CVE-2021-25329 -CVE-2021-25122 -CVE-2021-24122 -CVE-2020-17527 -CVE-2020-13943 -CVE-2020-13935 -CVE-2020-13934 -CVE-2020-11996 -CVE-2020-9484 -CVE-2020-1938 -CVE-2020-1935 -CVE-2019-17569 -CVE-2019-17563 -CVE-2019-12418 -CVE-2019-10072 -CVE-2019-0232 -CVE-2019-0221 -CVE-2019-0199 -CVE-2018-11784 -CVE-2018-8034 -CVE-2018-8014 -CVE-2018-8037 -CVE-2018-8034 -CVE-2018-8014 -CVE-2018-1336 -CVE-2018-1336 -CVE-2018-1305 -CVE-2018-1304 -CVE-2018-1305 -CVE-2018-1304 -CVE-2017-15706 -CVE-2017-15706 -CVE-2017-12617 -CVE-2017-12617 -CVE-2017-7674 -CVE-2017-7675 -CVE-2017-7674 -CVE-2017-5664 -CVE-2017-5664 -CVE-2017-5647 -CVE-2017-5651 -CVE-2017-5650 -CVE-2017-5647 -CVE-2017-5648 -CVE-2017-5648 -CVE-2016-8745 -CVE-2016-8747 -CVE-2016-8745 -CVE-2016-8735 -CVE-2016-6816 -CVE-2016-8735 -CVE-2016-6817 -CVE-2016-6816 -CVE-2016-6797 -CVE-2016-6796 -CVE-2016-6794 -CVE-2016-5018 -CVE-2016-0762 -CVE-2016-3092 -CVE-2015-5346 -CVE-2015-5351 -CVE-2016-0706 -CVE-2016-0714 -CVE-2016-0763 -CVE-2015-5345 -CVE-2015-5174 -CVE-2014-7810 -CVE-2014-0227 -CVE-2014-0230 -CVE-2014-0119 -CVE-2014-0075 -CVE-2014-0095 -CVE-2014-0096 -CVE-2014-0099 -CVE-2014-0050 -CVE-2013-4322 -CVE-2013-4590 -CVE-2013-4286 -CVE-2021-30640 -CVE-2020-9484 -CVE-2021-25329 -CVE-2021-24122 -CVE-2020-13935 -CVE-2020-9484 -CVE-2020-1938 -CVE-2020-1935 -CVE-2019-17569 -CVE-2019-17563 -CVE-2019-12418 -CVE-2019-0232 -CVE-2019-0221 -CVE-2018-11784 -CVE-2018-8034 -CVE-2018-8014 -CVE-2018-1336 -CVE-2018-1305 -CVE-2018-1304 -CVE-2017-15706 -CVE-2017-12617 -CVE-2017-12616 -CVE-2017-12615 -CVE-2017-7674 -CVE-2017-5664 -CVE-2017-5647 -CVE-2017-5648 -CVE-2016-8745 -CVE-2016-8735 -CVE-2016-6816 -CVE-2016-6797 -CVE-2016-6796 -CVE-2016-6794 -CVE-2016-5018 -CVE-2016-0762 -CVE-2016-3092 -CVE-2015-5345 -CVE-2015-5351 -CVE-2016-0706 -CVE-2016-0714 -CVE-2016-0763 -CVE-2015-5346 -CVE-2015-5174 -CVE-2014-7810 -CVE-2014-0227 -CVE-2014-0230 -CVE-2014-0119 -CVE-2014-0075 -CVE-2014-0096 -CVE-2014-0099 -CVE-2014-0050 -CVE-2013-4322 -CVE-2013-4590 -CVE-2013-4286 -CVE-2013-2071 -CVE-2013-4444 -CVE-2013-2067 -CVE-2012-4431 -CVE-2012-3544 -CVE-2012-3439 -CVE-2012-3546 -CVE-2012-2733 -CVE-2012-4534 -CVE-2012-0022 -CVE-2011-3375 -CVE-2011-3376 -CVE-2011-3190 -CVE-2011-2729 -CVE-2011-2526 -CVE-2011-2204 -CVE-2011-2481 -CVE-2011-1582 -CVE-2011-1475 -CVE-2011-1184 -CVE-2011-1183 -CVE-2011-1088 -CVE-2011-0534 -CVE-2011-0013 -CVE-2010-4172 -CVE-2010-3718 -CVE-2010-2227 -CVE-2017-5647 -CVE-2016-8745 -CVE-2016-8735 -CVE-2016-6816 -CVE-2016-6797 -CVE-2016-6796 -CVE-2016-6794 -CVE-2016-5018 -CVE-2016-0762 -CVE-2015-5174 -CVE-2015-5345 -CVE-2016-0706 -CVE-2016-0714 -CVE-2014-0230 -CVE-2014-7810 -CVE-2014-0227 -CVE-2014-0075 -CVE-2014-0096 -CVE-2014-0099 -CVE-2014-0119 -CVE-2013-1571 -CVE-2013-4286 -CVE-2013-4322 -CVE-2013-4590 -CVE-2014-0033 -CVE-2013-2067 -CVE-2012-3544 -CVE-2012-2733 -CVE-2012-3439 -CVE-2012-3546 -CVE-2012-4431 -CVE-2012-4534 -CVE-2011-3375 -CVE-2011-3190 -CVE-2012-0022 -CVE-2011-1184 -CVE-2011-2204 -CVE-2011-2526 -CVE-2011-2729 -CVE-2011-0534 -CVE-2011-0013 -CVE-2010-4172 -CVE-2010-3718 -CVE-2010-2227 -CVE-2010-1157 -CVE-2009-2693 -CVE-2009-2901 -CVE-2009-2902 -CVE-2009-3548 -CVE-2008-5515 -CVE-2009-0033 -CVE-2009-0580 -CVE-2009-0781 -CVE-2009-0783 -CVE-2008-1232 -CVE-2008-1947 -CVE-2008-2370 -CVE-2007-5333 -CVE-2007-5342 -CVE-2007-5461 -CVE-2007-6286 -CVE-2008-0002 -CVE-2007-2449 -CVE-2007-2450 -CVE-2007-3382 -CVE-2007-3385 -CVE-2007-3386 -CVE-2007-1355 -CVE-2005-2090 -CVE-2007-0450 -CVE-2008-0128 -CVE-2007-1358 -CVE-2012-3439 -CVE-2012-0022 -CVE-2011-1184 -CVE-2011-2204 -CVE-2011-2526 -CVE-2011-2729 -CVE-2011-3190 -CVE-2011-0013 -CVE-2010-3718 -CVE-2010-2227 -CVE-2010-1157 -CVE-2009-2693 -CVE-2009-2901 -CVE-2009-2902 -CVE-2009-3548 -CVE-2008-5515 -CVE-2009-0033 -CVE-2009-0580 -CVE-2009-0781 -CVE-2009-0783 -CVE-2008-1232 -CVE-2008-1947 -CVE-2008-2370 -CVE-2007-5333 -CVE-2007-5342 -CVE-2007-5461 -CVE-2007-6286 -CVE-2007-2449 -CVE-2007-2450 -CVE-2007-3382 -CVE-2007-3385 -CVE-2007-3386 -CVE-2007-1355 -CVE-2005-2090 -CVE-2007-0450 -CVE-2007-1358 -CVE-2008-0128 -CVE-2008-4308 -CVE-2006-7195 -CVE-2007-1858 -CVE-2006-7196 -CVE-2006-3835 -CVE-2005-3510 -CVE-2005-4838 -CVE-2008-3271 -CVE-2005-4836 -CVE-2008-5515 -CVE-2009-0033 -CVE-2009-0580 -CVE-2009-0781 -CVE-2009-0783 -CVE-2008-0128 -CVE-2008-1232 -CVE-2008-2370 -CVE-2005-3164 -CVE-2007-1355 -CVE-2007-2449 -CVE-2007-2450 -CVE-2007-3382 -CVE-2007-3383 -CVE-2007-3385 -CVE-2007-5333 -CVE-2007-5461 -CVE-2005-2090 -CVE-2007-0450 -CVE-2007-1358 -CVE-2008-4308 -CVE-2008-3271 -CVE-2007-1858 -CVE-2006-7196 -CVE-2006-3835 -CVE-2005-4838 -CVE-2005-3510 -CVE-2002-1567 -CVE-2002-1394 -CVE-2002-0682 -CVE-2002-1148 -CVE-2002-0935 -CVE-2003-0866 -CVE-2002-2006 -CVE-2002-2009 -CVE-2001-0917 -CVE-2002-0493 -CVE-2005-0808 -CVE-2007-3382 -CVE-2007-3384 -CVE-2007-3385 -CVE-2003-0044 -CVE-2003-0043 -CVE-2003-0042 -CVE-2003-0045 -CVE-2002-2007 -CVE-2002-2006 -CVE-2000-0760 -CVE-2001-1563 -CVE-2001-0829 -CVE-2001-0590 -CVE-2000-0759 -CVE-2000-0672 -CVE-2000-1210 From d00d3ddec552510b9cf9ad04502df588e23b622f Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Fri, 20 Jan 2023 11:29:13 -0800 Subject: [PATCH 12/15] Prepare to run apache_tomcat importer #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/__init__.py | 2 ++ vulnerabilities/tests/conftest.py | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/importers/__init__.py b/vulnerabilities/importers/__init__.py index 13b6e12c7..d0c473ea5 100644 --- a/vulnerabilities/importers/__init__.py +++ b/vulnerabilities/importers/__init__.py @@ -9,6 +9,7 @@ from vulnerabilities.importers import alpine_linux from vulnerabilities.importers import apache_httpd +from vulnerabilities.importers import apache_tomcat from vulnerabilities.importers import archlinux from vulnerabilities.importers import debian from vulnerabilities.importers import debian_oval @@ -55,6 +56,7 @@ project_kb_msr2019.ProjectKBMSRImporter, suse_scores.SUSESeverityScoreImporter, elixir_security.ElixirSecurityImporter, + apache_tomcat.ApacheTomcatImporter, ] IMPORTERS_REGISTRY = {x.qualified_name: x for x in IMPORTERS_REGISTRY} diff --git a/vulnerabilities/tests/conftest.py b/vulnerabilities/tests/conftest.py index 8ee0affda..c692c2a80 100644 --- a/vulnerabilities/tests/conftest.py +++ b/vulnerabilities/tests/conftest.py @@ -26,7 +26,6 @@ def no_rmtree(monkeypatch): # Step 3: Migrate all the tests collect_ignore = [ "test_apache_kafka.py", - "test_apache_tomcat.py", "test_api.py", "test_models.py", "test_package_managers.py", From b8d806acbc814b31145c38a2b57ff2fece916c3e Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Fri, 20 Jan 2023 13:55:21 -0800 Subject: [PATCH 13/15] Correct handling of generator objects #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 8 +------- vulnerabilities/tests/test_apache_tomcat.py | 3 ++- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 24a28fb79..7e4d99264 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -156,19 +156,13 @@ def extract_advisories_from_page(self, apache_tomcat_advisory_html): """ Return a list of AdvisoryData objects extracted from the HTML text ``apache_tomcat_advisory_html``. """ - advisories = [] - # This yields groups of advisories organized by Tomcat fixed versions -- 1+ per group. fixed_version_advisory_groups = extract_tomcat_advisory_data_from_page( apache_tomcat_advisory_html ) for advisory_group in fixed_version_advisory_groups: - advisory_data_objects = generate_advisory_data_objects(advisory_group) - - advisories.append(advisory_data_objects) - - return advisories + yield from generate_advisory_data_objects(advisory_group) @dataclasses.dataclass(order=True) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 7ef02f598..01b8f3971 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -31,7 +31,8 @@ def test_method_extract_advisories_from_page(): raw_data = f.read() extracted_advisories = ApacheTomcatImporter().extract_advisories_from_page(raw_data) - results = [adv.to_dict() for d in extracted_advisories for adv in d] + # results = [adv.to_dict() for d in extracted_advisories for adv in d] + results = [adv.to_dict() for adv in extracted_advisories] expected_file = os.path.join( TEST_DATA, f"parse-apache_tomcat-selected-advisories-expected.json" From a51f3fc6732e5e0813e7b2b27904416cd347ed84 Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Fri, 20 Jan 2023 18:56:25 -0800 Subject: [PATCH 14/15] Clean test file #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/tests/test_apache_tomcat.py | 1 - 1 file changed, 1 deletion(-) diff --git a/vulnerabilities/tests/test_apache_tomcat.py b/vulnerabilities/tests/test_apache_tomcat.py index 01b8f3971..4c5033e14 100644 --- a/vulnerabilities/tests/test_apache_tomcat.py +++ b/vulnerabilities/tests/test_apache_tomcat.py @@ -31,7 +31,6 @@ def test_method_extract_advisories_from_page(): raw_data = f.read() extracted_advisories = ApacheTomcatImporter().extract_advisories_from_page(raw_data) - # results = [adv.to_dict() for d in extracted_advisories for adv in d] results = [adv.to_dict() for adv in extracted_advisories] expected_file = os.path.join( From bda164918a413888cd11fcf24d47223a0fd0f55f Mon Sep 17 00:00:00 2001 From: "John M. Horan" Date: Sun, 22 Jan 2023 10:11:14 -0800 Subject: [PATCH 15/15] Update docstring #970 Reference: https://github.com/nexB/vulnerablecode/issues/970 Signed-off-by: John M. Horan --- vulnerabilities/importers/apache_tomcat.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/importers/apache_tomcat.py b/vulnerabilities/importers/apache_tomcat.py index 7e4d99264..3d754d6df 100644 --- a/vulnerabilities/importers/apache_tomcat.py +++ b/vulnerabilities/importers/apache_tomcat.py @@ -154,7 +154,7 @@ def advisory_data(self): def extract_advisories_from_page(self, apache_tomcat_advisory_html): """ - Return a list of AdvisoryData objects extracted from the HTML text ``apache_tomcat_advisory_html``. + Yield AdvisoryData objects extracted from the HTML text ``apache_tomcat_advisory_html``. """ # This yields groups of advisories organized by Tomcat fixed versions -- 1+ per group. fixed_version_advisory_groups = extract_tomcat_advisory_data_from_page(