{"cve_id":"CVE-2025-24813","summary":"Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\n\n\nIf all of the following were true, a malicious user was able to view       security sensitive files and/or inject content into those files:\n- writes enabled for the default servlet (disabled by default)\n- support for partial PUT (enabled by default)\n- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads\n- attacker knowledge of the names of security sensitive files being uploaded\n- the security sensitive files also being uploaded via partial PUT\n\nIf all of the following were true, a malicious user was able to       perform remote code execution:\n- writes enabled for the default servlet (disabled by default)\n- support for partial PUT (enabled by default)\n- application was using Tomcat's file based session persistence with the default storage location\n- application included a library that may be leveraged in a deserialization attack\n\nUsers are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.","cvss":9.8,"cvss_version":3,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.94122,"ranking_epss":0.99914,"kev":true,"propose_action":"Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.","ransomware_campaign":"Unknown","references":["https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq","http://www.openwall.com/lists/oss-security/2025/03/10/5","https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html","https://security.netapp.com/advisory/ntap-20250321-0001/","https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce","https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce","https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability","https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability","https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813"],"published_time":"2025-03-10T17:15:35","cpes":["cpe:2.3:a:apache:tomcat:-","cpe:2.3:a:apache:tomcat:1.1.3","cpe:2.3:a:apache:tomcat:10.1.0","cpe:2.3:a:apache:tomcat:10.1.1","cpe:2.3:a:apache:tomcat:10.1.10","cpe:2.3:a:apache:tomcat:10.1.11","cpe:2.3:a:apache:tomcat:10.1.12","cpe:2.3:a:apache:tomcat:10.1.13","cpe:2.3:a:apache:tomcat:10.1.14","cpe:2.3:a:apache:tomcat:10.1.15","cpe:2.3:a:apache:tomcat:10.1.16","cpe:2.3:a:apache:tomcat:10.1.17","cpe:2.3:a:apache:tomcat:10.1.18","cpe:2.3:a:apache:tomcat:10.1.19","cpe:2.3:a:apache:tomcat:10.1.2","cpe:2.3:a:apache:tomcat:10.1.20","cpe:2.3:a:apache:tomcat:10.1.22","cpe:2.3:a:apache:tomcat:10.1.23","cpe:2.3:a:apache:tomcat:10.1.24","cpe:2.3:a:apache:tomcat:10.1.25","cpe:2.3:a:apache:tomcat:10.1.26","cpe:2.3:a:apache:tomcat:10.1.27","cpe:2.3:a:apache:tomcat:10.1.28","cpe:2.3:a:apache:tomcat:10.1.29","cpe:2.3:a:apache:tomcat:10.1.30","cpe:2.3:a:apache:tomcat:10.1.31","cpe:2.3:a:apache:tomcat:10.1.32","cpe:2.3:a:apache:tomcat:10.1.33","cpe:2.3:a:apache:tomcat:10.1.34","cpe:2.3:a:apache:tomcat:10.1.5","cpe:2.3:a:apache:tomcat:10.1.6","cpe:2.3:a:apache:tomcat:10.1.7","cpe:2.3:a:apache:tomcat:10.1.8","cpe:2.3:a:apache:tomcat:10.1.9","cpe:2.3:a:apache:tomcat:11.0.0","cpe:2.3:a:apache:tomcat:11.0.1","cpe:2.3:a:apache:tomcat:11.0.2","cpe:2.3:a:apache:tomcat:3.0","cpe:2.3:a:apache:tomcat:3.1","cpe:2.3:a:apache:tomcat:3.1.1","cpe:2.3:a:apache:tomcat:3.2","cpe:2.3:a:apache:tomcat:3.2.1","cpe:2.3:a:apache:tomcat:3.2.2","cpe:2.3:a:apache:tomcat:3.2.3","cpe:2.3:a:apache:tomcat:3.2.4","cpe:2.3:a:apache:tomcat:3.3","cpe:2.3:a:apache:tomcat:3.3.1","cpe:2.3:a:apache:tomcat:3.3.1a","cpe:2.3:a:apache:tomcat:3.3.2","cpe:2.3:a:apache:tomcat:4","cpe:2.3:a:apache:tomcat:4.0.0","cpe:2.3:a:apache:tomcat:4.0.1","cpe:2.3:a:apache:tomcat:4.0.2","cpe:2.3:a:apache:tomcat:4.0.3","cpe:2.3:a:apache:tomcat:4.0.4","cpe:2.3:a:apache:tomcat:4.0.5","cpe:2.3:a:apache:tomcat:4.0.6","cpe:2.3:a:apache:tomcat:4.1.0","cpe:2.3:a:apache:tomcat:4.1.1","cpe:2.3:a:apache:tomcat:4.1.10","cpe:2.3:a:apache:tomcat:4.1.11","cpe:2.3:a:apache:tomcat:4.1.12","cpe:2.3:a:apache:tomcat:4.1.13","cpe:2.3:a:apache:tomcat:4.1.14","cpe:2.3:a:apache:tomcat:4.1.15","cpe:2.3:a:apache:tomcat:4.1.16","cpe:2.3:a:apache:tomcat:4.1.17","cpe:2.3:a:apache:tomcat:4.1.18","cpe:2.3:a:apache:tomcat:4.1.19","cpe:2.3:a:apache:tomcat:4.1.2","cpe:2.3:a:apache:tomcat:4.1.20","cpe:2.3:a:apache:tomcat:4.1.21","cpe:2.3:a:apache:tomcat:4.1.22","cpe:2.3:a:apache:tomcat:4.1.23","cpe:2.3:a:apache:tomcat:4.1.24","cpe:2.3:a:apache:tomcat:4.1.25","cpe:2.3:a:apache:tomcat:4.1.26","cpe:2.3:a:apache:tomcat:4.1.27","cpe:2.3:a:apache:tomcat:4.1.28","cpe:2.3:a:apache:tomcat:4.1.29","cpe:2.3:a:apache:tomcat:4.1.3","cpe:2.3:a:apache:tomcat:4.1.30","cpe:2.3:a:apache:tomcat:4.1.31","cpe:2.3:a:apache:tomcat:4.1.32","cpe:2.3:a:apache:tomcat:4.1.33","cpe:2.3:a:apache:tomcat:4.1.35","cpe:2.3:a:apache:tomcat:4.1.36","cpe:2.3:a:apache:tomcat:4.1.37","cpe:2.3:a:apache:tomcat:4.1.38","cpe:2.3:a:apache:tomcat:4.1.39","cpe:2.3:a:apache:tomcat:4.1.4","cpe:2.3:a:apache:tomcat:4.1.5","cpe:2.3:a:apache:tomcat:4.1.6","cpe:2.3:a:apache:tomcat:4.1.8","cpe:2.3:a:apache:tomcat:4.1.9","cpe:2.3:a:apache:tomcat:5","cpe:2.3:a:apache:tomcat:5.0.0","cpe:2.3:a:apache:tomcat:5.0.1","cpe:2.3:a:apache:tomcat:5.0.10","cpe:2.3:a:apache:tomcat:5.0.11","cpe:2.3:a:apache:tomcat:5.0.12","cpe:2.3:a:apache:tomcat:5.0.13","cpe:2.3:a:apache:tomcat:5.0.14","cpe:2.3:a:apache:tomcat:5.0.15","cpe:2.3:a:apache:tomcat:5.0.16","cpe:2.3:a:apache:tomcat:5.0.17","cpe:2.3:a:apache:tomcat:5.0.18","cpe:2.3:a:apache:tomcat:5.0.19","cpe:2.3:a:apache:tomcat:5.0.2","cpe:2.3:a:apache:tomcat:5.0.21","cpe:2.3:a:apache:tomcat:5.0.22","cpe:2.3:a:apache:tomcat:5.0.23","cpe:2.3:a:apache:tomcat:5.0.24","cpe:2.3:a:apache:tomcat:5.0.25","cpe:2.3:a:apache:tomcat:5.0.26","cpe:2.3:a:apache:tomcat:5.0.27","cpe:2.3:a:apache:tomcat:5.0.28","cpe:2.3:a:apache:tomcat:5.0.29","cpe:2.3:a:apache:tomcat:5.0.3","cpe:2.3:a:apache:tomcat:5.0.30","cpe:2.3:a:apache:tomcat:5.0.4","cpe:2.3:a:apache:tomcat:5.0.5","cpe:2.3:a:apache:tomcat:5.0.6","cpe:2.3:a:apache:tomcat:5.0.7","cpe:2.3:a:apache:tomcat:5.0.8","cpe:2.3:a:apache:tomcat:5.0.9","cpe:2.3:a:apache:tomcat:5.5.0","cpe:2.3:a:apache:tomcat:5.5.1","cpe:2.3:a:apache:tomcat:5.5.10","cpe:2.3:a:apache:tomcat:5.5.11","cpe:2.3:a:apache:tomcat:5.5.12","cpe:2.3:a:apache:tomcat:5.5.13","cpe:2.3:a:apache:tomcat:5.5.14","cpe:2.3:a:apache:tomcat:5.5.15","cpe:2.3:a:apache:tomcat:5.5.16","cpe:2.3:a:apache:tomcat:5.5.17","cpe:2.3:a:apache:tomcat:5.5.18","cpe:2.3:a:apache:tomcat:5.5.19","cpe:2.3:a:apache:tomcat:5.5.2","cpe:2.3:a:apache:tomcat:5.5.20","cpe:2.3:a:apache:tomcat:5.5.21","cpe:2.3:a:apache:tomcat:5.5.22","cpe:2.3:a:apache:tomcat:5.5.23","cpe:2.3:a:apache:tomcat:5.5.24","cpe:2.3:a:apache:tomcat:5.5.25","cpe:2.3:a:apache:tomcat:5.5.26","cpe:2.3:a:apache:tomcat:5.5.27","cpe:2.3:a:apache:tomcat:5.5.28","cpe:2.3:a:apache:tomcat:5.5.29","cpe:2.3:a:apache:tomcat:5.5.3","cpe:2.3:a:apache:tomcat:5.5.30","cpe:2.3:a:apache:tomcat:5.5.31","cpe:2.3:a:apache:tomcat:5.5.32","cpe:2.3:a:apache:tomcat:5.5.33","cpe:2.3:a:apache:tomcat:5.5.34","cpe:2.3:a:apache:tomcat:5.5.35","cpe:2.3:a:apache:tomcat:5.5.36","cpe:2.3:a:apache:tomcat:5.5.4","cpe:2.3:a:apache:tomcat:5.5.5","cpe:2.3:a:apache:tomcat:5.5.6","cpe:2.3:a:apache:tomcat:5.5.7","cpe:2.3:a:apache:tomcat:5.5.8","cpe:2.3:a:apache:tomcat:5.5.9","cpe:2.3:a:apache:tomcat:6","cpe:2.3:a:apache:tomcat:6.0","cpe:2.3:a:apache:tomcat:6.0.0","cpe:2.3:a:apache:tomcat:6.0.1","cpe:2.3:a:apache:tomcat:6.0.10","cpe:2.3:a:apache:tomcat:6.0.11","cpe:2.3:a:apache:tomcat:6.0.12","cpe:2.3:a:apache:tomcat:6.0.13","cpe:2.3:a:apache:tomcat:6.0.14","cpe:2.3:a:apache:tomcat:6.0.15","cpe:2.3:a:apache:tomcat:6.0.16","cpe:2.3:a:apache:tomcat:6.0.17","cpe:2.3:a:apache:tomcat:6.0.18","cpe:2.3:a:apache:tomcat:6.0.19","cpe:2.3:a:apache:tomcat:6.0.2","cpe:2.3:a:apache:tomcat:6.0.20","cpe:2.3:a:apache:tomcat:6.0.21","cpe:2.3:a:apache:tomcat:6.0.22","cpe:2.3:a:apache:tomcat:6.0.23","cpe:2.3:a:apache:tomcat:6.0.24","cpe:2.3:a:apache:tomcat:6.0.25","cpe:2.3:a:apache:tomcat:6.0.26","cpe:2.3:a:apache:tomcat:6.0.27","cpe:2.3:a:apache:tomcat:6.0.28","cpe:2.3:a:apache:tomcat:6.0.29","cpe:2.3:a:apache:tomcat:6.0.3","cpe:2.3:a:apache:tomcat:6.0.30","cpe:2.3:a:apache:tomcat:6.0.31","cpe:2.3:a:apache:tomcat:6.0.32","cpe:2.3:a:apache:tomcat:6.0.33","cpe:2.3:a:apache:tomcat:6.0.34","cpe:2.3:a:apache:tomcat:6.0.35","cpe:2.3:a:apache:tomcat:6.0.36","cpe:2.3:a:apache:tomcat:6.0.37","cpe:2.3:a:apache:tomcat:6.0.38","cpe:2.3:a:apache:tomcat:6.0.4","cpe:2.3:a:apache:tomcat:6.0.40","cpe:2.3:a:apache:tomcat:6.0.41","cpe:2.3:a:apache:tomcat:6.0.42","cpe:2.3:a:apache:tomcat:6.0.43","cpe:2.3:a:apache:tomcat:6.0.44","cpe:2.3:a:apache:tomcat:6.0.45","cpe:2.3:a:apache:tomcat:6.0.46","cpe:2.3:a:apache:tomcat:6.0.47","cpe:2.3:a:apache:tomcat:6.0.48","cpe:2.3:a:apache:tomcat:6.0.49","cpe:2.3:a:apache:tomcat:6.0.5","cpe:2.3:a:apache:tomcat:6.0.50","cpe:2.3:a:apache:tomcat:6.0.51","cpe:2.3:a:apache:tomcat:6.0.52","cpe:2.3:a:apache:tomcat:6.0.53","cpe:2.3:a:apache:tomcat:6.0.6","cpe:2.3:a:apache:tomcat:6.0.7","cpe:2.3:a:apache:tomcat:6.0.8","cpe:2.3:a:apache:tomcat:6.0.9","cpe:2.3:a:apache:tomcat:7.0","cpe:2.3:a:apache:tomcat:7.0.0","cpe:2.3:a:apache:tomcat:7.0.1","cpe:2.3:a:apache:tomcat:7.0.10","cpe:2.3:a:apache:tomcat:7.0.100","cpe:2.3:a:apache:tomcat:7.0.101","cpe:2.3:a:apache:tomcat:7.0.102","cpe:2.3:a:apache:tomcat:7.0.103","cpe:2.3:a:apache:tomcat:7.0.104","cpe:2.3:a:apache:tomcat:7.0.105","cpe:2.3:a:apache:tomcat:7.0.106","cpe:2.3:a:apache:tomcat:7.0.107","cpe:2.3:a:apache:tomcat:7.0.108","cpe:2.3:a:apache:tomcat:7.0.109","cpe:2.3:a:apache:tomcat:7.0.11","cpe:2.3:a:apache:tomcat:7.0.12","cpe:2.3:a:apache:tomcat:7.0.13","cpe:2.3:a:apache:tomcat:7.0.14","cpe:2.3:a:apache:tomcat:7.0.15","cpe:2.3:a:apache:tomcat:7.0.16","cpe:2.3:a:apache:tomcat:7.0.17","cpe:2.3:a:apache:tomcat:7.0.18","cpe:2.3:a:apache:tomcat:7.0.19","cpe:2.3:a:apache:tomcat:7.0.2","cpe:2.3:a:apache:tomcat:7.0.20","cpe:2.3:a:apache:tomcat:7.0.21","cpe:2.3:a:apache:tomcat:7.0.22","cpe:2.3:a:apache:tomcat:7.0.23","cpe:2.3:a:apache:tomcat:7.0.24","cpe:2.3:a:apache:tomcat:7.0.25","cpe:2.3:a:apache:tomcat:7.0.26","cpe:2.3:a:apache:tomcat:7.0.27","cpe:2.3:a:apache:tomcat:7.0.28","cpe:2.3:a:apache:tomcat:7.0.29","cpe:2.3:a:apache:tomcat:7.0.3","cpe:2.3:a:apache:tomcat:7.0.30","cpe:2.3:a:apache:tomcat:7.0.31","cpe:2.3:a:apache:tomcat:7.0.32","cpe:2.3:a:apache:tomcat:7.0.33","cpe:2.3:a:apache:tomcat:7.0.34","cpe:2.3:a:apache:tomcat:7.0.35","cpe:2.3:a:apache:tomcat:7.0.36","cpe:2.3:a:apache:tomcat:7.0.37","cpe:2.3:a:apache:tomcat:7.0.38","cpe:2.3:a:apache:tomcat:7.0.39","cpe:2.3:a:apache:tomcat:7.0.4","cpe:2.3:a:apache:tomcat:7.0.40","cpe:2.3:a:apache:tomcat:7.0.41","cpe:2.3:a:apache:tomcat:7.0.42","cpe:2.3:a:apache:tomcat:7.0.43","cpe:2.3:a:apache:tomcat:7.0.44","cpe:2.3:a:apache:tomcat:7.0.45","cpe:2.3:a:apache:tomcat:7.0.46","cpe:2.3:a:apache:tomcat:7.0.47","cpe:2.3:a:apache:tomcat:7.0.48","cpe:2.3:a:apache:tomcat:7.0.49","cpe:2.3:a:apache:tomcat:7.0.5","cpe:2.3:a:apache:tomcat:7.0.50","cpe:2.3:a:apache:tomcat:7.0.51","cpe:2.3:a:apache:tomcat:7.0.52","cpe:2.3:a:apache:tomcat:7.0.53","cpe:2.3:a:apache:tomcat:7.0.54","cpe:2.3:a:apache:tomcat:7.0.55","cpe:2.3:a:apache:tomcat:7.0.56","cpe:2.3:a:apache:tomcat:7.0.57","cpe:2.3:a:apache:tomcat:7.0.58","cpe:2.3:a:apache:tomcat:7.0.59","cpe:2.3:a:apache:tomcat:7.0.6","cpe:2.3:a:apache:tomcat:7.0.60","cpe:2.3:a:apache:tomcat:7.0.61","cpe:2.3:a:apache:tomcat:7.0.62","cpe:2.3:a:apache:tomcat:7.0.63","cpe:2.3:a:apache:tomcat:7.0.64","cpe:2.3:a:apache:tomcat:7.0.65","cpe:2.3:a:apache:tomcat:7.0.66","cpe:2.3:a:apache:tomcat:7.0.67","cpe:2.3:a:apache:tomcat:7.0.68","cpe:2.3:a:apache:tomcat:7.0.69","cpe:2.3:a:apache:tomcat:7.0.7","cpe:2.3:a:apache:tomcat:7.0.70","cpe:2.3:a:apache:tomcat:7.0.71","cpe:2.3:a:apache:tomcat:7.0.72","cpe:2.3:a:apache:tomcat:7.0.73","cpe:2.3:a:apache:tomcat:7.0.74","cpe:2.3:a:apache:tomcat:7.0.75","cpe:2.3:a:apache:tomcat:7.0.76","cpe:2.3:a:apache:tomcat:7.0.77","cpe:2.3:a:apache:tomcat:7.0.78","cpe:2.3:a:apache:tomcat:7.0.79","cpe:2.3:a:apache:tomcat:7.0.8","cpe:2.3:a:apache:tomcat:7.0.80","cpe:2.3:a:apache:tomcat:7.0.81","cpe:2.3:a:apache:tomcat:7.0.82","cpe:2.3:a:apache:tomcat:7.0.83","cpe:2.3:a:apache:tomcat:7.0.84","cpe:2.3:a:apache:tomcat:7.0.85","cpe:2.3:a:apache:tomcat:7.0.86","cpe:2.3:a:apache:tomcat:7.0.87","cpe:2.3:a:apache:tomcat:7.0.88","cpe:2.3:a:apache:tomcat:7.0.89","cpe:2.3:a:apache:tomcat:7.0.9","cpe:2.3:a:apache:tomcat:7.0.90","cpe:2.3:a:apache:tomcat:7.0.91","cpe:2.3:a:apache:tomcat:7.0.92","cpe:2.3:a:apache:tomcat:7.0.93","cpe:2.3:a:apache:tomcat:7.0.94","cpe:2.3:a:apache:tomcat:7.0.95","cpe:2.3:a:apache:tomcat:7.0.96","cpe:2.3:a:apache:tomcat:7.0.97","cpe:2.3:a:apache:tomcat:7.0.98","cpe:2.3:a:apache:tomcat:7.0.99","cpe:2.3:a:apache:tomcat:8.0","cpe:2.3:a:apache:tomcat:8.0.0","cpe:2.3:a:apache:tomcat:8.0.1","cpe:2.3:a:apache:tomcat:8.0.10","cpe:2.3:a:apache:tomcat:8.0.11","cpe:2.3:a:apache:tomcat:8.0.12","cpe:2.3:a:apache:tomcat:8.0.13","cpe:2.3:a:apache:tomcat:8.0.14","cpe:2.3:a:apache:tomcat:8.0.15","cpe:2.3:a:apache:tomcat:8.0.16","cpe:2.3:a:apache:tomcat:8.0.17","cpe:2.3:a:apache:tomcat:8.0.18","cpe:2.3:a:apache:tomcat:8.0.19","cpe:2.3:a:apache:tomcat:8.0.2","cpe:2.3:a:apache:tomcat:8.0.20","cpe:2.3:a:apache:tomcat:8.0.21","cpe:2.3:a:apache:tomcat:8.0.22","cpe:2.3:a:apache:tomcat:8.0.23","cpe:2.3:a:apache:tomcat:8.0.24","cpe:2.3:a:apache:tomcat:8.0.25","cpe:2.3:a:apache:tomcat:8.0.26","cpe:2.3:a:apache:tomcat:8.0.27","cpe:2.3:a:apache:tomcat:8.0.28","cpe:2.3:a:apache:tomcat:8.0.29","cpe:2.3:a:apache:tomcat:8.0.3","cpe:2.3:a:apache:tomcat:8.0.30","cpe:2.3:a:apache:tomcat:8.0.31","cpe:2.3:a:apache:tomcat:8.0.32","cpe:2.3:a:apache:tomcat:8.0.33","cpe:2.3:a:apache:tomcat:8.0.34","cpe:2.3:a:apache:tomcat:8.0.35","cpe:2.3:a:apache:tomcat:8.0.36","cpe:2.3:a:apache:tomcat:8.0.37","cpe:2.3:a:apache:tomcat:8.0.38","cpe:2.3:a:apache:tomcat:8.0.39","cpe:2.3:a:apache:tomcat:8.0.4","cpe:2.3:a:apache:tomcat:8.0.40","cpe:2.3:a:apache:tomcat:8.0.41","cpe:2.3:a:apache:tomcat:8.0.42","cpe:2.3:a:apache:tomcat:8.0.43","cpe:2.3:a:apache:tomcat:8.0.44","cpe:2.3:a:apache:tomcat:8.0.45","cpe:2.3:a:apache:tomcat:8.0.46","cpe:2.3:a:apache:tomcat:8.0.47","cpe:2.3:a:apache:tomcat:8.0.48","cpe:2.3:a:apache:tomcat:8.0.49","cpe:2.3:a:apache:tomcat:8.0.5","cpe:2.3:a:apache:tomcat:8.0.50","cpe:2.3:a:apache:tomcat:8.0.51","cpe:2.3:a:apache:tomcat:8.0.52","cpe:2.3:a:apache:tomcat:8.0.53","cpe:2.3:a:apache:tomcat:8.0.53-29.32.1","cpe:2.3:a:apache:tomcat:8.0.6","cpe:2.3:a:apache:tomcat:8.0.7","cpe:2.3:a:apache:tomcat:8.0.8","cpe:2.3:a:apache:tomcat:8.0.9","cpe:2.3:a:apache:tomcat:8.5.0","cpe:2.3:a:apache:tomcat:8.5.1","cpe:2.3:a:apache:tomcat:8.5.10","cpe:2.3:a:apache:tomcat:8.5.100","cpe:2.3:a:apache:tomcat:8.5.11","cpe:2.3:a:apache:tomcat:8.5.12","cpe:2.3:a:apache:tomcat:8.5.13","cpe:2.3:a:apache:tomcat:8.5.14","cpe:2.3:a:apache:tomcat:8.5.15","cpe:2.3:a:apache:tomcat:8.5.16","cpe:2.3:a:apache:tomcat:8.5.17","cpe:2.3:a:apache:tomcat:8.5.18","cpe:2.3:a:apache:tomcat:8.5.19","cpe:2.3:a:apache:tomcat:8.5.2","cpe:2.3:a:apache:tomcat:8.5.20","cpe:2.3:a:apache:tomcat:8.5.21","cpe:2.3:a:apache:tomcat:8.5.22","cpe:2.3:a:apache:tomcat:8.5.23","cpe:2.3:a:apache:tomcat:8.5.24","cpe:2.3:a:apache:tomcat:8.5.25","cpe:2.3:a:apache:tomcat:8.5.26","cpe:2.3:a:apache:tomcat:8.5.27","cpe:2.3:a:apache:tomcat:8.5.28","cpe:2.3:a:apache:tomcat:8.5.29","cpe:2.3:a:apache:tomcat:8.5.3","cpe:2.3:a:apache:tomcat:8.5.30","cpe:2.3:a:apache:tomcat:8.5.31","cpe:2.3:a:apache:tomcat:8.5.32","cpe:2.3:a:apache:tomcat:8.5.33","cpe:2.3:a:apache:tomcat:8.5.34","cpe:2.3:a:apache:tomcat:8.5.35","cpe:2.3:a:apache:tomcat:8.5.36","cpe:2.3:a:apache:tomcat:8.5.37","cpe:2.3:a:apache:tomcat:8.5.38","cpe:2.3:a:apache:tomcat:8.5.39","cpe:2.3:a:apache:tomcat:8.5.4","cpe:2.3:a:apache:tomcat:8.5.40","cpe:2.3:a:apache:tomcat:8.5.41","cpe:2.3:a:apache:tomcat:8.5.42","cpe:2.3:a:apache:tomcat:8.5.43","cpe:2.3:a:apache:tomcat:8.5.44","cpe:2.3:a:apache:tomcat:8.5.45","cpe:2.3:a:apache:tomcat:8.5.46","cpe:2.3:a:apache:tomcat:8.5.47","cpe:2.3:a:apache:tomcat:8.5.48","cpe:2.3:a:apache:tomcat:8.5.49","cpe:2.3:a:apache:tomcat:8.5.5","cpe:2.3:a:apache:tomcat:8.5.50","cpe:2.3:a:apache:tomcat:8.5.51","cpe:2.3:a:apache:tomcat:8.5.52","cpe:2.3:a:apache:tomcat:8.5.53","cpe:2.3:a:apache:tomcat:8.5.54","cpe:2.3:a:apache:tomcat:8.5.55","cpe:2.3:a:apache:tomcat:8.5.56","cpe:2.3:a:apache:tomcat:8.5.57","cpe:2.3:a:apache:tomcat:8.5.58","cpe:2.3:a:apache:tomcat:8.5.59","cpe:2.3:a:apache:tomcat:8.5.6","cpe:2.3:a:apache:tomcat:8.5.60","cpe:2.3:a:apache:tomcat:8.5.61","cpe:2.3:a:apache:tomcat:8.5.62","cpe:2.3:a:apache:tomcat:8.5.63","cpe:2.3:a:apache:tomcat:8.5.64","cpe:2.3:a:apache:tomcat:8.5.65","cpe:2.3:a:apache:tomcat:8.5.66","cpe:2.3:a:apache:tomcat:8.5.67","cpe:2.3:a:apache:tomcat:8.5.68","cpe:2.3:a:apache:tomcat:8.5.69","cpe:2.3:a:apache:tomcat:8.5.7","cpe:2.3:a:apache:tomcat:8.5.70","cpe:2.3:a:apache:tomcat:8.5.71","cpe:2.3:a:apache:tomcat:8.5.72","cpe:2.3:a:apache:tomcat:8.5.73","cpe:2.3:a:apache:tomcat:8.5.74","cpe:2.3:a:apache:tomcat:8.5.75","cpe:2.3:a:apache:tomcat:8.5.76","cpe:2.3:a:apache:tomcat:8.5.77","cpe:2.3:a:apache:tomcat:8.5.78","cpe:2.3:a:apache:tomcat:8.5.79","cpe:2.3:a:apache:tomcat:8.5.8","cpe:2.3:a:apache:tomcat:8.5.80","cpe:2.3:a:apache:tomcat:8.5.81","cpe:2.3:a:apache:tomcat:8.5.82","cpe:2.3:a:apache:tomcat:8.5.83","cpe:2.3:a:apache:tomcat:8.5.84","cpe:2.3:a:apache:tomcat:8.5.85","cpe:2.3:a:apache:tomcat:8.5.86","cpe:2.3:a:apache:tomcat:8.5.87","cpe:2.3:a:apache:tomcat:8.5.88","cpe:2.3:a:apache:tomcat:8.5.89","cpe:2.3:a:apache:tomcat:8.5.9","cpe:2.3:a:apache:tomcat:8.5.90","cpe:2.3:a:apache:tomcat:8.5.91","cpe:2.3:a:apache:tomcat:8.5.92","cpe:2.3:a:apache:tomcat:8.5.93","cpe:2.3:a:apache:tomcat:8.5.94","cpe:2.3:a:apache:tomcat:8.5.95","cpe:2.3:a:apache:tomcat:8.5.96","cpe:2.3:a:apache:tomcat:8.5.97","cpe:2.3:a:apache:tomcat:8.5.98","cpe:2.3:a:apache:tomcat:8.5.99","cpe:2.3:a:apache:tomcat:9.0.0","cpe:2.3:a:apache:tomcat:9.0.1","cpe:2.3:a:apache:tomcat:9.0.10","cpe:2.3:a:apache:tomcat:9.0.11","cpe:2.3:a:apache:tomcat:9.0.12","cpe:2.3:a:apache:tomcat:9.0.13","cpe:2.3:a:apache:tomcat:9.0.14","cpe:2.3:a:apache:tomcat:9.0.15","cpe:2.3:a:apache:tomcat:9.0.16","cpe:2.3:a:apache:tomcat:9.0.17","cpe:2.3:a:apache:tomcat:9.0.18","cpe:2.3:a:apache:tomcat:9.0.19","cpe:2.3:a:apache:tomcat:9.0.2","cpe:2.3:a:apache:tomcat:9.0.20","cpe:2.3:a:apache:tomcat:9.0.21","cpe:2.3:a:apache:tomcat:9.0.22","cpe:2.3:a:apache:tomcat:9.0.23","cpe:2.3:a:apache:tomcat:9.0.24","cpe:2.3:a:apache:tomcat:9.0.25","cpe:2.3:a:apache:tomcat:9.0.26","cpe:2.3:a:apache:tomcat:9.0.27","cpe:2.3:a:apache:tomcat:9.0.28","cpe:2.3:a:apache:tomcat:9.0.29","cpe:2.3:a:apache:tomcat:9.0.3","cpe:2.3:a:apache:tomcat:9.0.30","cpe:2.3:a:apache:tomcat:9.0.31","cpe:2.3:a:apache:tomcat:9.0.32","cpe:2.3:a:apache:tomcat:9.0.33","cpe:2.3:a:apache:tomcat:9.0.34","cpe:2.3:a:apache:tomcat:9.0.35","cpe:2.3:a:apache:tomcat:9.0.35-3.39.1","cpe:2.3:a:apache:tomcat:9.0.35-3.57.3","cpe:2.3:a:apache:tomcat:9.0.36","cpe:2.3:a:apache:tomcat:9.0.37","cpe:2.3:a:apache:tomcat:9.0.38","cpe:2.3:a:apache:tomcat:9.0.39","cpe:2.3:a:apache:tomcat:9.0.4","cpe:2.3:a:apache:tomcat:9.0.40","cpe:2.3:a:apache:tomcat:9.0.41","cpe:2.3:a:apache:tomcat:9.0.42","cpe:2.3:a:apache:tomcat:9.0.43","cpe:2.3:a:apache:tomcat:9.0.44","cpe:2.3:a:apache:tomcat:9.0.45","cpe:2.3:a:apache:tomcat:9.0.46","cpe:2.3:a:apache:tomcat:9.0.47","cpe:2.3:a:apache:tomcat:9.0.48","cpe:2.3:a:apache:tomcat:9.0.49","cpe:2.3:a:apache:tomcat:9.0.5","cpe:2.3:a:apache:tomcat:9.0.50","cpe:2.3:a:apache:tomcat:9.0.51","cpe:2.3:a:apache:tomcat:9.0.52","cpe:2.3:a:apache:tomcat:9.0.53","cpe:2.3:a:apache:tomcat:9.0.54","cpe:2.3:a:apache:tomcat:9.0.55","cpe:2.3:a:apache:tomcat:9.0.56","cpe:2.3:a:apache:tomcat:9.0.57","cpe:2.3:a:apache:tomcat:9.0.58","cpe:2.3:a:apache:tomcat:9.0.59","cpe:2.3:a:apache:tomcat:9.0.6","cpe:2.3:a:apache:tomcat:9.0.60","cpe:2.3:a:apache:tomcat:9.0.61","cpe:2.3:a:apache:tomcat:9.0.62","cpe:2.3:a:apache:tomcat:9.0.63","cpe:2.3:a:apache:tomcat:9.0.64","cpe:2.3:a:apache:tomcat:9.0.65","cpe:2.3:a:apache:tomcat:9.0.67","cpe:2.3:a:apache:tomcat:9.0.68","cpe:2.3:a:apache:tomcat:9.0.69","cpe:2.3:a:apache:tomcat:9.0.7","cpe:2.3:a:apache:tomcat:9.0.70","cpe:2.3:a:apache:tomcat:9.0.71","cpe:2.3:a:apache:tomcat:9.0.72","cpe:2.3:a:apache:tomcat:9.0.73","cpe:2.3:a:apache:tomcat:9.0.74","cpe:2.3:a:apache:tomcat:9.0.75","cpe:2.3:a:apache:tomcat:9.0.76","cpe:2.3:a:apache:tomcat:9.0.77","cpe:2.3:a:apache:tomcat:9.0.78","cpe:2.3:a:apache:tomcat:9.0.79","cpe:2.3:a:apache:tomcat:9.0.8","cpe:2.3:a:apache:tomcat:9.0.80","cpe:2.3:a:apache:tomcat:9.0.81","cpe:2.3:a:apache:tomcat:9.0.82","cpe:2.3:a:apache:tomcat:9.0.83","cpe:2.3:a:apache:tomcat:9.0.84","cpe:2.3:a:apache:tomcat:9.0.85","cpe:2.3:a:apache:tomcat:9.0.86","cpe:2.3:a:apache:tomcat:9.0.87","cpe:2.3:a:apache:tomcat:9.0.88","cpe:2.3:a:apache:tomcat:9.0.89","cpe:2.3:a:apache:tomcat:9.0.9","cpe:2.3:a:apache:tomcat:9.0.90","cpe:2.3:a:apache:tomcat:9.0.91","cpe:2.3:a:apache:tomcat:9.0.92","cpe:2.3:a:apache:tomcat:9.0.93","cpe:2.3:a:apache:tomcat:9.0.94","cpe:2.3:a:apache:tomcat:9.0.95","cpe:2.3:a:apache:tomcat:9.0.96","cpe:2.3:a:apache:tomcat:9.0.97","cpe:2.3:a:apache:tomcat:9.0.98","cpe:2.3:h:netapp:hci_compute_node:-","cpe:2.3:o:debian:debian_linux:11.0","cpe:2.3:o:netapp:bootstrap_os:-"],"data_source":"CVEDB"}