{"id":"CVE-2017-5647","details":"A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C.","aliases":["GHSA-3gv7-3h64-78cm"],"modified":"2026-04-11T12:02:18.674375Z","published":"2017-04-17T16:59:00.320Z","related":["MGASA-2017-0117","SUSE-SU-2017:1229-1","SUSE-SU-2017:1382-1","SUSE-SU-2017:1632-1","SUSE-SU-2017:1660-1","openSUSE-SU-2024:11468-1","openSUSE-SU-2024:13441-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.0"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.10"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.11"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.12"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.13"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.14"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.15"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.16"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.17"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.18"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.19"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.1"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.20"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.21"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.21:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.22"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.22:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.23"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.23:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.24"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.25"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.25:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.26"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.27"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.28"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.29"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.2"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.30"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.31"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.32"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.33"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.34"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.34:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.35"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.36"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.37"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.38"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.38:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.39"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.3"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.40"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.40:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.41"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.42"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.42:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.43"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.44"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.44:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.45"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.45:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.46"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.46:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.47"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.47:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.48"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.48:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.49"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.49:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.4"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.50"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.50:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.51"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.51:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.52"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.52:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.5"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.6"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.7"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.8"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"6.0.9"}],"cpe":"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.0"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.0-rc1"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.10"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.11"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.12"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.13"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.14"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.15"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.16"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.17"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.18"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.19"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.1"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.20"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.21"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.22"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.23"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.24"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.25"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.26"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.27"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.28"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.29"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.2"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.30"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.31"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.32"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.33"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.34"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.35"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.36"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.37"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.38"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.39"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.3"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.40"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.41"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.42"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.4"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.5"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.6"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.7"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.8"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0.9"}],"cpe":"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*"}]},"references":[{"type":"WEB","url":"http://www.arubanetworks.com/assets/alert/HPESBHF03730.txt"},{"type":"WEB","url":"http://www.securitytracker.com/id/1038218"},{"type":"WEB","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03730en_us"},{"type":"WEB","url":"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/5796678c5a773c6f3ff57c178ac247d85ceca0dee9190ba48171451a%40%3Cusers.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3842"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3843"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1801"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1802"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2493"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2494"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3080"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3081"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201705-09"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180614-0001/"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/tomcat","events":[{"introduced":"0"},{"last_affected":"e498667bd7811e846771a852b16ce9f1e524b81b"},{"last_affected":"72a8a7c601a7bff56723650d5bb1e353d095af3d"},{"last_affected":"511d6f15e4254f3af12c75e5199b66448342eabf"},{"last_affected":"6ba80e64fca2badb0a0630f36969365a32a50808"},{"last_affected":"53728ececd4dc0134c2e17de849db53ce08219c9"},{"last_affected":"bc8b8705a9713cbd0232ab2d326d96ceb4aef1ad"},{"last_affected":"4a39288c6eab999452c72af9fd1a0c12b054ca9f"},{"last_affected":"6ebe68b8319cbd8c4fa9b629f38b10c09ca38b61"},{"last_affected":"04d13f45b4268945a0bee7a56fc4cf3782db0c71"},{"last_affected":"7b9e8b1024e03903deca4b4cdd52f368463c723b"},{"last_affected":"8b83cefaf2a454706f03f509944ca46103db4d13"},{"last_affected":"85cfeb746b8ea0d0e51cc4ced6053075f5460a36"},{"last_affected":"de47b464201769870a06764cdd5143a59cd95302"},{"last_affected":"0002c728a93f7866b8e3ecf00d5a008327acdc66"},{"last_affected":"c845090723d1118dbce1928f9468e1726b79c3b1"},{"last_affected":"ec8e60ab88259d3d51c8651a8f72a7a6b1347885"},{"last_affected":"9e0d31f12dbd5441097dbec493895ad4e07a6832"},{"last_affected":"08611c1dab45979e3e68c25b898f9dcb82888da1"},{"last_affected":"4d09baa427e4f70a3198eb06bae39d3b81d52290"},{"last_affected":"892c777b9d5c051dc20aacfefc280ab02dbe2143"},{"last_affected":"eae5ead3864c4e2d528a874069828c6c12dee8a5"},{"last_affected":"ddd8de1c64ef852caca10ab876fed02cfe827ef1"},{"last_affected":"6e2c7f6227de95874c79f77bafe5ed26dfeb4021"},{"last_affected":"9f62bc56a0887353e58579153a30c64c5369efdb"},{"last_affected":"f397fe02d89f7a10a7dc6f38f36b61bad04dfdc7"},{"last_affected":"009cf0448025b6227b026e66f5351f0dcb3dd733"},{"last_affected":"68e114cf9fe0a83a888099c084b3036040afa518"},{"last_affected":"efa0e79f82f17880c0d7427918bc34a83243dfa6"},{"last_affected":"5e096bfd5a387f057766dc6b5217feae75b08331"},{"last_affected":"b7b373b84f1b80602ed62fb056be7c7ce429a15c"},{"last_affected":"86ecd2ad87b805992b9e4c2f2317feaab7a1e3fb"},{"last_affected":"247f896633a8a84e2e389d055980fb90cfebffa1"},{"last_affected":"7cfeba335a41dd3b0e423f12534e5936c461711c"},{"last_affected":"ba53773f48f31de787edb559db38e3e02d7efffd"},{"last_affected":"7e8629b4ff4152ae6285fa184745e9a1382ca440"},{"last_affected":"fec4a6d1d1f050401aec5c6a3bd0431850472d92"},{"last_affected":"37f91884c4cdaee56669c5ffa51b547847b1aa4e"},{"last_affected":"3477614af783b612341fa6bc00c16b32d1791de8"},{"last_affected":"ddf8c1d016b2fe81f923ed3d9628ba63ce4502a5"},{"last_affected":"5f6f258107e7e463cce41187e13474f3c894693e"},{"last_affected":"2b858c0fce0db18ca733b161d7428f2cca214841"},{"last_affected":"1958059057715d26415839cabad78e685d4d02f1"},{"last_affected":"ad3da1182b0ed370ec233b925c69dcee826a9efe"},{"last_affected":"506ab576d6e086286b79ca7ddebe679223ec3f9f"},{"last_affected":"00ad08058c70b08a9c18555e793d3b6da76d10aa"},{"last_affected":"7f5cc05a61f85b195032fb1edef692fca2512d26"},{"last_affected":"dcd9daab64a7b557b989a1e0001ffaae0254c8bc"},{"last_affected":"81d3e54a46de226a5a8f11bcc65195cddcc24f96"},{"last_affected":"bb7683de19c1e441f7f9b986ae5a64a44977b27b"},{"last_affected":"66a6ce81eaf86fdaeb2e218f985f3de50da53ac0"},{"last_affected":"d70fcee0390d1a82b108979d26a7a397a7418bc7"},{"last_affected":"810f549234921d7f3af43c1604f523eec27eeacb"},{"last_affected":"1b734919fd5ee83a2905070dcbd6ffffff1beb63"},{"last_affected":"32583ea28061391c314a09a43fbee48c072940a9"},{"last_affected":"b7d6e626d03f61ccd6c92e8ea28df12e67d256e6"},{"last_affected":"47af1012111595546f31d9096a37a839f93caa62"},{"last_affected":"feaf3763fb37e4a9176ef46a2c80e34821077884"},{"last_affected":"30a7e7f7b48aa5f9f4a559635966d70901b5f51d"},{"last_affected":"d0c85cd043679c7330066306600b32aa03c22ca3"},{"last_affected":"be7e6137267298d6a7b1b3cd2cb1f3f605f9162b"},{"last_affected":"ab66216975257e473e5bf4e9a7a59254c905c880"},{"last_affected":"8d84136656655a20287cf2dac6ec7fd047979de5"},{"last_affected":"20bd21830dfe7864cac78acb1b7c825baa11bd85"},{"last_affected":"6b77b128188a5ed033da2998ff2f47f65aa4f7f8"},{"last_affected":"f6de6eb5445d266506fcf89d3962a622478c2c6c"},{"last_affected":"a6d2ed3eef40903b661d138ae7c8fbd9790d1928"},{"last_affected":"7a9d8339c97790213f81b43d91606f38be743617"},{"last_affected":"05e76dc1b6edcc2fa87d95de72a8a714267e462d"},{"last_affected":"e0ffdd2535a8cb102c62b5db41170625e9d1bf46"},{"last_affected":"0b2140180148548e012498e2d7c074fb9d208beb"},{"last_affected":"ff181ab22b2b18e77ab9e0f0c2cfe5cfa59c844c"},{"last_affected":"c1c4a30d1cc369b918ee86c34ee09ff62c7c6ca6"},{"last_affected":"22a6f7d8e615b6cfca151b70e8893c9324e17cc5"},{"last_affected":"fe0424f91a9f0af2f6422fe83bfaa769d92aa131"},{"last_affected":"fc5bebc0cc58fcd75f3d5178be49a3abe5ae615f"},{"last_affected":"12bb2050e3694a795f19395d320f406368f09367"},{"last_affected":"73268e886373568fb0c2a150dbbcaf088a2443fb"},{"last_affected":"e37b977db6f47e4380ad67114a49e8568951c953"},{"last_affected":"389365303d986b2a918bc95f39421b27a2c9ff30"},{"last_affected":"f5dffa6e1148080fe5dc3690df917e805c72a714"},{"last_affected":"bdd72e8bc872876689e41631e47942366ca03364"},{"last_affected":"3e5565173dfe107f90419ab63bd4e2e7edc9deb4"},{"last_affected":"c6a2c4ed296c7f8839b72e8e31cb53b84102d02c"},{"last_affected":"61ff12fb282b1d00593b8d16e94ab8ec02f8d5be"},{"last_affected":"b5205c92f41dfd9a67f78bc783db7b022e38226c"},{"last_affected":"4178d385e09435a88ac34cf7025526b7f0055c55"},{"last_affected":"80083369bb8178efc49374a65d7eb73465e77f8b"},{"last_affected":"e14e9824c3087f79621a9796ddf9b3432be02858"},{"last_affected":"20ec6f6f034bb5eebe4f1b52140b680aaff6f380"},{"last_affected":"e95b65a27af4cd6681b6dc1bf17ee5abb897610d"},{"last_affected":"29b07def810d335012e738b22ab44d4e232b50d1"},{"last_affected":"10e04de1946981261a734507f4a6d953e2a206fe"},{"last_affected":"65ddc3a3872ea41ca67fec7b6834c704b6893361"},{"last_affected":"b5a74e3c7913c560648f0ffedfbbb3ebe4318def"},{"last_affected":"de128d72af746184e035ff1b53629f08cb141a04"},{"last_affected":"aac670afe1226e10513021100fce8a12344743c6"},{"last_affected":"c2c8107f0cea4755497a85990807b883b66f6b57"},{"last_affected":"8c48678b110f3fbbe66f6dde0e45d2578fa92c29"},{"last_affected":"9c5edb840d9413c1408e7c191bc0e1bbfcd9e07f"},{"last_affected":"59e713216cf2256aacc54f6ba627865f356f9e4e"},{"last_affected":"18b014d8691909be6153ae7db022a6c35f9c93ea"},{"last_affected":"d1dc05e934e089ea8907998cf850760017a0ed82"},{"last_affected":"fd7f13635e6855f6ba3fead0bf37ba2fbf8b68cf"},{"last_affected":"c7b84102600d600bcc527560d9c4d10c3fd440ab"},{"last_affected":"d8ebf61e51b4455e3c226751e492a533f9002d48"},{"last_affected":"aba238718ac9b149d25feaa9a14ecad3b0e3a5e2"},{"last_affected":"fe854ab1f111396458d98fa2ab08c693ce9407e1"},{"last_affected":"45f8fd74cdb96490fab8709263a4d862f0d429cf"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"7.0.0"},{"last_affected":"7.0.1"},{"last_affected":"7.0.2"},{"last_affected":"7.0.3"},{"last_affected":"7.0.4"},{"last_affected":"7.0.5"},{"last_affected":"7.0.6"},{"last_affected":"7.0.7"},{"last_affected":"7.0.8"},{"last_affected":"7.0.9"},{"last_affected":"7.0.10"},{"last_affected":"7.0.11"},{"last_affected":"7.0.12"},{"last_affected":"7.0.13"},{"last_affected":"7.0.14"},{"last_affected":"7.0.15"},{"last_affected":"7.0.16"},{"last_affected":"7.0.17"},{"last_affected":"7.0.18"},{"last_affected":"7.0.19"},{"last_affected":"7.0.20"},{"last_affected":"7.0.21"},{"last_affected":"7.0.22"},{"last_affected":"7.0.23"},{"last_affected":"7.0.24"},{"last_affected":"7.0.25"},{"last_affected":"7.0.26"},{"last_affected":"7.0.27"},{"last_affected":"7.0.28"},{"last_affected":"7.0.29"},{"last_affected":"7.0.30"},{"last_affected":"7.0.31"},{"last_affected":"7.0.32"},{"last_affected":"7.0.33"},{"last_affected":"7.0.34"},{"last_affected":"7.0.35"},{"last_affected":"7.0.36"},{"last_affected":"7.0.37"},{"last_affected":"7.0.38"},{"last_affected":"7.0.39"},{"last_affected":"7.0.40"},{"last_affected":"7.0.41"},{"last_affected":"7.0.42"},{"last_affected":"7.0.43"},{"last_affected":"7.0.44"},{"last_affected":"7.0.45"},{"last_affected":"7.0.46"},{"last_affected":"7.0.47"},{"last_affected":"7.0.48"},{"last_affected":"7.0.49"},{"last_affected":"7.0.50"},{"last_affected":"7.0.51"},{"last_affected":"7.0.52"},{"last_affected":"7.0.53"},{"last_affected":"7.0.54"},{"last_affected":"7.0.55"},{"last_affected":"7.0.56"},{"last_affected":"7.0.57"},{"last_affected":"7.0.58"},{"last_affected":"7.0.59"},{"last_affected":"7.0.60"},{"last_affected":"7.0.61"},{"last_affected":"7.0.62"},{"last_affected":"7.0.63"},{"last_affected":"7.0.64"},{"last_affected":"7.0.65"},{"last_affected":"7.0.66"},{"last_affected":"7.0.67"},{"last_affected":"7.0.68"},{"last_affected":"7.0.69"},{"last_affected":"7.0.70"},{"last_affected":"7.0.71"},{"last_affected":"7.0.72"},{"last_affected":"7.0.73"},{"last_affected":"7.0.74"},{"last_affected":"7.0.75"},{"last_affected":"7.0.76"},{"last_affected":"8.5.0"},{"last_affected":"8.5.1"},{"last_affected":"8.5.2"},{"last_affected":"8.5.3"},{"last_affected":"8.5.4"},{"last_affected":"8.5.5"},{"last_affected":"8.5.6"},{"last_affected":"8.5.7"},{"last_affected":"8.5.8"},{"last_affected":"8.5.9"},{"last_affected":"8.5.10"},{"last_affected":"8.5.11"},{"last_affected":"8.5.12"},{"last_affected":"9.0.0-milestone1"},{"last_affected":"9.0.0-milestone10"},{"last_affected":"9.0.0-milestone11"},{"last_affected":"9.0.0-milestone12"},{"last_affected":"9.0.0-milestone13"},{"last_affected":"9.0.0-milestone14"},{"last_affected":"9.0.0-milestone15"},{"last_affected":"9.0.0-milestone16"},{"last_affected":"9.0.0-milestone17"},{"last_affected":"9.0.0-milestone18"},{"last_affected":"9.0.0-milestone2"},{"last_affected":"9.0.0-milestone3"},{"last_affected":"9.0.0-milestone4"},{"last_affected":"9.0.0-milestone5"},{"last_affected":"9.0.0-milestone6"},{"last_affected":"9.0.0-milestone7"},{"last_affected":"9.0.0-milestone8"},{"last_affected":"9.0.0-milestone9"}],"cpe":["cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*","cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*"]}}],"versions":["7.0.0","7.0.1","7.0.10","7.0.11","7.0.12","7.0.13","7.0.14","7.0.15","7.0.16","7.0.17","7.0.18","7.0.19","7.0.2","7.0.20","7.0.21","7.0.22","7.0.23","7.0.24","7.0.25","7.0.26","7.0.27","7.0.28","7.0.29","7.0.3","7.0.30","7.0.31","7.0.32","7.0.33","7.0.34","7.0.35","7.0.36","7.0.37","7.0.38","7.0.39","7.0.4","7.0.40","7.0.41","7.0.42","7.0.43","7.0.44","7.0.45","7.0.46","7.0.47","7.0.48","7.0.49","7.0.5","7.0.50","7.0.51","7.0.52","7.0.53","7.0.54","7.0.55","7.0.56","7.0.57","7.0.58","7.0.59","7.0.6","7.0.60","7.0.61","7.0.62","7.0.63","7.0.64","7.0.65","7.0.66","7.0.67","7.0.68","7.0.69","7.0.7","7.0.70","7.0.71","7.0.72","7.0.73","7.0.74","7.0.75","7.0.76","7.0.8","7.0.9","8.5.0","8.5.1","8.5.10","8.5.11","8.5.12","8.5.2","8.5.3","8.5.4","8.5.5","8.5.6","8.5.7","8.5.8","8.5.9","9.0.0-M1","9.0.0-M10","9.0.0-M11","9.0.0-M12","9.0.0-M13","9.0.0-M14","9.0.0-M15","9.0.0-M16","9.0.0-M17","9.0.0-M18","9.0.0-M2","9.0.0-M3","9.0.0-M4","9.0.0-M5","9.0.0-M6","9.0.0-M7","9.0.0-M8","9.0.0-M9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5647.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}