{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-04T17:24:37.898","vulnerabilities":[{"cve":{"id":"CVE-2009-2902","sourceIdentifier":"secalert@redhat.com","published":"2010-01-28T20:30:01.323","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename."},{"lang":"es","value":"Vulnerabilidad de salto de directorio en Apache Tomcat desde v5.5.0 hasta v5.5.28 y desde v6.0.0 hasta v6.0.20 permite a atacantes remotos borrar ficheros del directorio de trabajo a través de secuencias de salto de directorio en un nombre de fichero WAR, como se demuestra en ..war nombre de fichero."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*","matchCriteriaId":"EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*","matchCriteriaId":"6E98B82A-22E5-4E6C-90AE-56F5780EA147"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*","matchCriteriaId":"34672E90-C220-436B-9143-480941227933"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*","matchCriteriaId":"92883AFA-A02F-41A5-9977-ABEAC8AD2970"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*","matchCriteriaId":"989A78F8-EE92-465F-8A8D-ECF0B58AFE7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*","matchCriteriaId":"1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*","matchCriteriaId":"ACFB09F3-32D1-479C-8C39-D7329D9A6623"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*","matchCriteriaId":"D56581E2-9ECD-426A-96D8-A9D958900AD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*","matchCriteriaId":"717F6995-5AF0-484C-90C0-A82F25FD2E32"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*","matchCriteriaId":"5B0C01D5-773F-469C-9E69-170C2844AAA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*","matchCriteriaId":"EB03FDFB-4DBF-4B70-BFA3-570D1DE67695"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*","matchCriteriaId":"9F5CF79C-759B-4FF9-90EE-847264059E93"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*","matchCriteriaId":"357651FD-392E-4775-BF20-37A23B3ABAE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*","matchCriteriaId":"585B9476-6B86-4809-9B9E-26112114CB59"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*","matchCriteriaId":"6145036D-4FCE-4EBE-A137-BDFA69BA54F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*","matchCriteriaId":"E437055A-0A81-413F-AB08-0E9D0DC9EA30"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*","matchCriteriaId":"9276A093-9C98-4617-9941-2276995F5848"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*","matchCriteriaId":"97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*","matchCriteriaId":"C98575E2-E39A-4A8F-B5B5-BD280B8367BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*","matchCriteriaId":"5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*","matchCriteriaId":"DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*","matchCriteriaId":"5878E08E-2741-4798-94E9-BA8E07386B12"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*","matchCriteriaId":"69F6BAB7-C099-4345-A632-7287AEA555B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*","matchCriteriaId":"F3AAF031-D16B-4D51-9581-2D1376A5157B"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*","matchCriteriaId":"51120689-F5C0-4DF1-91AA-314C40A46C58"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*","matchCriteriaId":"F67477AB-85F6-421C-9C0B-C8EFB1B200CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*","matchCriteriaId":"16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*","matchCriteriaId":"5D70CFD9-B55D-4A29-B94C-D33F3E881A8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*","matchCriteriaId":"C1195878-CCC9-49BC-9AC7-1F88F0DFAB82"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*","matchCriteriaId":"D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"49E3C039-A949-4F1B-892A-57147EECB249"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*","matchCriteriaId":"F28C7801-41B9-4552-BA1E-577967BCBBEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"25B21085-7259-4685-9D1F-FF98E6489E10"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*","matchCriteriaId":"635EE321-2A1F-4FF8-95BE-0C26591969D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*","matchCriteriaId":"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*","matchCriteriaId":"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*","matchCriteriaId":"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*","matchCriteriaId":"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*","matchCriteriaId":"9C95ADA4-66F5-45C4-A677-ACE22367A75A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*","matchCriteriaId":"11951A10-39A2-4FF5-8C43-DF94730FB794"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*","matchCriteriaId":"351E5BCF-A56B-4D91-BA3C-21A4B77D529A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*","matchCriteriaId":"2DC2BBB4-171E-4EFF-A575-A5B7FF031755"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*","matchCriteriaId":"6B6B0504-27C1-4824-A928-A878CBBAB32D"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*","matchCriteriaId":"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*","matchCriteriaId":"D903956B-14F5-4177-AF12-0A5F1846D3C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*","matchCriteriaId":"81F847DC-A2F5-456C-9038-16A0E85F4C3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*","matchCriteriaId":"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*","matchCriteriaId":"C6B93A3A-D487-4CA1-8257-26F8FE287B8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*","matchCriteriaId":"BD8802B2-57E0-4AA6-BC8E-00DE60468569"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*","matchCriteriaId":"8461DF95-18DC-4BF5-A703-7F19DA88DC30"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*","matchCriteriaId":"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA"}]}]}],"references":[{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113","source":"secalert@redhat.com"},{"url":"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html","source":"secalert@redhat.com"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","source":"secalert@redhat.com"},{"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html","source":"secalert@redhat.com"},{"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html","source":"secalert@redhat.com"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html","source":"secalert@redhat.com"},{"url":"http://marc.info/?l=bugtraq&m=127420533226623&w=2","source":"secalert@redhat.com"},{"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","source":"secalert@redhat.com"},{"url":"http://marc.info/?l=bugtraq&m=136485229118404&w=2","source":"secalert@redhat.com"},{"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/38316","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/38346","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/38541","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/38687","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/39317","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/40330","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/40813","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/43310","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/57126","source":"secalert@redhat.com"},{"url":"http://securitytracker.com/id?1023504","source":"secalert@redhat.com"},{"url":"http://support.apple.com/kb/HT4077","source":"secalert@redhat.com"},{"url":"http://svn.apache.org/viewvc?rev=892815&view=rev","source":"secalert@redhat.com"},{"url":"http://svn.apache.org/viewvc?rev=902650&view=rev","source":"secalert@redhat.com"},{"url":"http://tomcat.apache.org/security-5.html","source":"secalert@redhat.com"},{"url":"http://tomcat.apache.org/security-6.html","source":"secalert@redhat.com"},{"url":"http://ubuntu.com/usn/usn-899-1","source":"secalert@redhat.com"},{"url":"http://www.debian.org/security/2011/dsa-2207","source":"secalert@redhat.com"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176","source":"secalert@redhat.com"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:177","source":"secalert@redhat.com"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","source":"secalert@redhat.com"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0580.html","source":"secalert@redhat.com"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0582.html","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/archive/1/509150/100/0/threaded","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/37945","source":"secalert@redhat.com"},{"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","source":"secalert@redhat.com"},{"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2010/0213","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2010/1559","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2010/1986","source":"secalert@redhat.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55857","source":"secalert@redhat.com"},{"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E","source":"secalert@redhat.com"},{"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E","source":"secalert@redhat.com"},{"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E","source":"secalert@redhat.com"},{"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E","source":"secalert@redhat.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19431","source":"secalert@redhat.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7092","source":"secalert@redhat.com"},{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://marc.info/?l=bugtraq&m=127420533226623&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://marc.info/?l=bugtraq&m=136485229118404&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://marc.info/?l=bugtraq&m=139344343412337&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/38316","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/38346","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/38541","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/38687","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/39317","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/40330","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/40813","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/43310","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/57126","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1023504","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://support.apple.com/kb/HT4077","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://svn.apache.org/viewvc?rev=892815&view=rev","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://svn.apache.org/viewvc?rev=902650&view=rev","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://tomcat.apache.org/security-5.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://tomcat.apache.org/security-6.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://ubuntu.com/usn/usn-899-1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2011/dsa-2207","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:177","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0580.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0582.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/509150/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/37945","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/0213","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1559","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1986","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55857","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19431","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7092","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vendorComments":[{"organization":"Red Hat","comment":"Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2902\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\n\nThis issue has been addressed in JBoss Enterprise Web Server 1.0.1: https://rhn.redhat.com/errata/RHSA-2010-0119.html","lastModified":"2010-03-02T00:00:00"}]}}]}