Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/tomcat@5.5.11
Typeapache
Namespace
Nametomcat
Version5.5.11
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.5.13
Latest_non_vulnerable_version11.0.21
Affected_by_vulnerabilities
0
url VCID-7pd9-1r19-73fe
vulnerability_id VCID-7pd9-1r19-73fe
summary Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
references
0
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
2
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6286.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6286.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6286
reference_id
reference_type
scores
0
value 0.09459
scoring_system epss
scoring_elements 0.92822
published_at 2026-04-16T12:55:00Z
1
value 0.09459
scoring_system epss
scoring_elements 0.92811
published_at 2026-04-13T12:55:00Z
2
value 0.09459
scoring_system epss
scoring_elements 0.92812
published_at 2026-04-11T12:55:00Z
3
value 0.09459
scoring_system epss
scoring_elements 0.92807
published_at 2026-04-09T12:55:00Z
4
value 0.09459
scoring_system epss
scoring_elements 0.92803
published_at 2026-04-08T12:55:00Z
5
value 0.09459
scoring_system epss
scoring_elements 0.92794
published_at 2026-04-07T12:55:00Z
6
value 0.09459
scoring_system epss
scoring_elements 0.92796
published_at 2026-04-04T12:55:00Z
7
value 0.09459
scoring_system epss
scoring_elements 0.92785
published_at 2026-04-01T12:55:00Z
8
value 0.09459
scoring_system epss
scoring_elements 0.92791
published_at 2026-04-02T12:55:00Z
9
value 0.09459
scoring_system epss
scoring_elements 0.92827
published_at 2026-04-21T12:55:00Z
10
value 0.09459
scoring_system epss
scoring_elements 0.92823
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6286
5
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
8
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
9
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
10
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
11
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
12
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=432332
reference_id 432332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=432332
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
reference_id CVE-2007-6286
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-6286
reference_id CVE-2007-6286
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-6286
16
reference_url https://github.com/advisories/GHSA-qrj4-rmqg-4hcp
reference_id GHSA-qrj4-rmqg-4hcp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qrj4-rmqg-4hcp
17
reference_url https://security.gentoo.org/glsa/200804-10
reference_id GLSA-200804-10
reference_type
scores
url https://security.gentoo.org/glsa/200804-10
fixed_packages
0
url pkg:apache/tomcat@5.5.26
purl pkg:apache/tomcat@5.5.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9cu-fxqw-xkdg
1
vulnerability VCID-acmu-9eqb-fya5
2
vulnerability VCID-egup-27ub-6uaf
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.26
1
url pkg:apache/tomcat@6.0.16
purl pkg:apache/tomcat@6.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9cu-fxqw-xkdg
1
vulnerability VCID-acmu-9eqb-fya5
2
vulnerability VCID-egup-27ub-6uaf
3
vulnerability VCID-hves-r5bg-yfes
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.16
aliases CVE-2007-6286, GHSA-qrj4-rmqg-4hcp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7pd9-1r19-73fe
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.11