Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7pd9-1r19-73fe
SummaryApache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
Aliases
0
alias CVE-2007-6286
1
alias GHSA-qrj4-rmqg-4hcp
Fixed_packages
0
url pkg:apache/tomcat@5.5.26
purl pkg:apache/tomcat@5.5.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9cu-fxqw-xkdg
1
vulnerability VCID-acmu-9eqb-fya5
2
vulnerability VCID-egup-27ub-6uaf
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.26
1
url pkg:apache/tomcat@6.0.16
purl pkg:apache/tomcat@6.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a9cu-fxqw-xkdg
1
vulnerability VCID-acmu-9eqb-fya5
2
vulnerability VCID-egup-27ub-6uaf
3
vulnerability VCID-hves-r5bg-yfes
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.16
2
url pkg:ebuild/www-servers/tomcat@6.0.16
purl pkg:ebuild/www-servers/tomcat@6.0.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/tomcat@6.0.16
Affected_packages
0
url pkg:apache/tomcat@5.5.11
purl pkg:apache/tomcat@5.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pd9-1r19-73fe
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.11
1
url pkg:apache/tomcat@5.5.25
purl pkg:apache/tomcat@5.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pd9-1r19-73fe
1
vulnerability VCID-88v7-kc2y-bfd7
2
vulnerability VCID-hhkg-mfp5-2kax
3
vulnerability VCID-v94p-bxm3-akfd
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@5.5.25
2
url pkg:apache/tomcat@6.0.0
purl pkg:apache/tomcat@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18q4-zark-s7a7
1
vulnerability VCID-1k8f-vsg1-k3d6
2
vulnerability VCID-1qt3-ctae-sfgw
3
vulnerability VCID-241m-q6vd-kudk
4
vulnerability VCID-27q8-96un-9fbk
5
vulnerability VCID-3cr9-g81m-4ugy
6
vulnerability VCID-3n4t-bvb1-5qer
7
vulnerability VCID-3r3s-q21j-c3au
8
vulnerability VCID-4mkw-7haq-pkgn
9
vulnerability VCID-4rcx-xfn5-7kdb
10
vulnerability VCID-68fk-4g86-ekbp
11
vulnerability VCID-6epr-2hbd-skcz
12
vulnerability VCID-6p3e-4u8s-17ep
13
vulnerability VCID-7969-7a8h-zyhh
14
vulnerability VCID-7cpu-h5fr-8ffd
15
vulnerability VCID-7ej8-5f77-cybb
16
vulnerability VCID-7kjm-p97s-zuh8
17
vulnerability VCID-7pd9-1r19-73fe
18
vulnerability VCID-87p8-zvvf-y7dm
19
vulnerability VCID-88v7-kc2y-bfd7
20
vulnerability VCID-95d1-arxd-hkd1
21
vulnerability VCID-a1by-zvtm-akdc
22
vulnerability VCID-a9cu-fxqw-xkdg
23
vulnerability VCID-acmu-9eqb-fya5
24
vulnerability VCID-bung-pa58-ayfv
25
vulnerability VCID-d9ys-kxh6-nkgr
26
vulnerability VCID-dcrp-rae1-zfcm
27
vulnerability VCID-dhun-hj5q-dfch
28
vulnerability VCID-egup-27ub-6uaf
29
vulnerability VCID-f2zy-gq57-ufat
30
vulnerability VCID-fpuc-fe6m-47c6
31
vulnerability VCID-g998-xymt-fudu
32
vulnerability VCID-h9ds-trhx-m7aj
33
vulnerability VCID-hhk9-cr54-8fgc
34
vulnerability VCID-hhkg-mfp5-2kax
35
vulnerability VCID-jf7u-dvpd-b7f4
36
vulnerability VCID-kagr-74d9-kyhx
37
vulnerability VCID-kgd1-bzst-muh7
38
vulnerability VCID-kzzv-rhya-j7dd
39
vulnerability VCID-m1zd-uytj-3bej
40
vulnerability VCID-mctd-9zgv-5qgp
41
vulnerability VCID-mnf8-t3ew-4fgb
42
vulnerability VCID-mwk8-b5c9-kbb9
43
vulnerability VCID-n76n-ywja-rbhh
44
vulnerability VCID-p4dn-y54m-8fd1
45
vulnerability VCID-p6ch-pc73-b3ck
46
vulnerability VCID-peya-mr7j-vugf
47
vulnerability VCID-qdck-q54n-rkcv
48
vulnerability VCID-quwu-ep21-cyew
49
vulnerability VCID-qxkf-4ddv-j3b7
50
vulnerability VCID-r84b-7ay9-ekcm
51
vulnerability VCID-su1y-2bxh-9qe2
52
vulnerability VCID-tcbc-3kgt-muam
53
vulnerability VCID-tcju-3rvu-wkht
54
vulnerability VCID-tfn5-6ckq-wyce
55
vulnerability VCID-tfrs-d458-tfaq
56
vulnerability VCID-twh8-87va-juf9
57
vulnerability VCID-v94p-bxm3-akfd
58
vulnerability VCID-vd1s-m27a-8ucc
59
vulnerability VCID-vm4b-26sq-tfev
60
vulnerability VCID-w82a-7kk2-p3f1
61
vulnerability VCID-wsn2-pd9b-b3g8
62
vulnerability VCID-xf8r-kqxb-7qdy
63
vulnerability VCID-ygvw-69am-s7ae
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.0
3
url pkg:apache/tomcat@6.0.15
purl pkg:apache/tomcat@6.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pd9-1r19-73fe
1
vulnerability VCID-hhkg-mfp5-2kax
2
vulnerability VCID-t9y6-suc2-2kcg
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/tomcat@6.0.15
4
url pkg:maven/org.apache.tomcat/tomcat@5.5.11
purl pkg:maven/org.apache.tomcat/tomcat@5.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18j8-kwdv-dyak
1
vulnerability VCID-7pd9-1r19-73fe
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.11
5
url pkg:maven/org.apache.tomcat/tomcat@5.5.25
purl pkg:maven/org.apache.tomcat/tomcat@5.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pd9-1r19-73fe
1
vulnerability VCID-88v7-kc2y-bfd7
2
vulnerability VCID-hhkg-mfp5-2kax
3
vulnerability VCID-v94p-bxm3-akfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@5.5.25
6
url pkg:maven/org.apache.tomcat/tomcat@6.0.0
purl pkg:maven/org.apache.tomcat/tomcat@6.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12du-1vyt-bkgx
1
vulnerability VCID-18q4-zark-s7a7
2
vulnerability VCID-1k8f-vsg1-k3d6
3
vulnerability VCID-1qt3-ctae-sfgw
4
vulnerability VCID-1v6c-f56v-hqh1
5
vulnerability VCID-241m-q6vd-kudk
6
vulnerability VCID-27q8-96un-9fbk
7
vulnerability VCID-3cr9-g81m-4ugy
8
vulnerability VCID-3n4t-bvb1-5qer
9
vulnerability VCID-3r3s-q21j-c3au
10
vulnerability VCID-4mkw-7haq-pkgn
11
vulnerability VCID-4rcx-xfn5-7kdb
12
vulnerability VCID-68fk-4g86-ekbp
13
vulnerability VCID-6epr-2hbd-skcz
14
vulnerability VCID-6p3e-4u8s-17ep
15
vulnerability VCID-7969-7a8h-zyhh
16
vulnerability VCID-7cpu-h5fr-8ffd
17
vulnerability VCID-7ej8-5f77-cybb
18
vulnerability VCID-7kjm-p97s-zuh8
19
vulnerability VCID-7pd9-1r19-73fe
20
vulnerability VCID-87p8-zvvf-y7dm
21
vulnerability VCID-88v7-kc2y-bfd7
22
vulnerability VCID-8ebv-6941-jqdy
23
vulnerability VCID-95d1-arxd-hkd1
24
vulnerability VCID-a1by-zvtm-akdc
25
vulnerability VCID-a9cu-fxqw-xkdg
26
vulnerability VCID-acmu-9eqb-fya5
27
vulnerability VCID-bung-pa58-ayfv
28
vulnerability VCID-d9ys-kxh6-nkgr
29
vulnerability VCID-dcrp-rae1-zfcm
30
vulnerability VCID-dhun-hj5q-dfch
31
vulnerability VCID-egup-27ub-6uaf
32
vulnerability VCID-egye-da2v-4ybh
33
vulnerability VCID-f2zy-gq57-ufat
34
vulnerability VCID-fpuc-fe6m-47c6
35
vulnerability VCID-g7eg-s99s-xqe7
36
vulnerability VCID-g998-xymt-fudu
37
vulnerability VCID-h9ds-trhx-m7aj
38
vulnerability VCID-hhk9-cr54-8fgc
39
vulnerability VCID-hhkg-mfp5-2kax
40
vulnerability VCID-jau7-gfz8-dkfa
41
vulnerability VCID-jf7u-dvpd-b7f4
42
vulnerability VCID-jtg7-217a-qqhk
43
vulnerability VCID-kagr-74d9-kyhx
44
vulnerability VCID-kgd1-bzst-muh7
45
vulnerability VCID-kzzv-rhya-j7dd
46
vulnerability VCID-m1zd-uytj-3bej
47
vulnerability VCID-mctd-9zgv-5qgp
48
vulnerability VCID-mnf8-t3ew-4fgb
49
vulnerability VCID-mwk8-b5c9-kbb9
50
vulnerability VCID-n76n-ywja-rbhh
51
vulnerability VCID-p4dn-y54m-8fd1
52
vulnerability VCID-p6ch-pc73-b3ck
53
vulnerability VCID-peya-mr7j-vugf
54
vulnerability VCID-qdck-q54n-rkcv
55
vulnerability VCID-quwu-ep21-cyew
56
vulnerability VCID-qxkf-4ddv-j3b7
57
vulnerability VCID-r5rc-rdd9-bfbk
58
vulnerability VCID-r84b-7ay9-ekcm
59
vulnerability VCID-rrdj-ssn7-zfdj
60
vulnerability VCID-rwvj-tq6x-2ubs
61
vulnerability VCID-su1y-2bxh-9qe2
62
vulnerability VCID-t9y6-suc2-2kcg
63
vulnerability VCID-ta1m-dh8x-nubc
64
vulnerability VCID-tcbc-3kgt-muam
65
vulnerability VCID-tcju-3rvu-wkht
66
vulnerability VCID-tfn5-6ckq-wyce
67
vulnerability VCID-tfrs-d458-tfaq
68
vulnerability VCID-twh8-87va-juf9
69
vulnerability VCID-v94p-bxm3-akfd
70
vulnerability VCID-vd1s-m27a-8ucc
71
vulnerability VCID-vm4b-26sq-tfev
72
vulnerability VCID-w82a-7kk2-p3f1
73
vulnerability VCID-wsn2-pd9b-b3g8
74
vulnerability VCID-xf8r-kqxb-7qdy
75
vulnerability VCID-ygvw-69am-s7ae
76
vulnerability VCID-zbbr-wded-9ffj
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.0
7
url pkg:maven/org.apache.tomcat/tomcat@6.0.15
purl pkg:maven/org.apache.tomcat/tomcat@6.0.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pd9-1r19-73fe
1
vulnerability VCID-hhkg-mfp5-2kax
2
vulnerability VCID-t9y6-suc2-2kcg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@6.0.15
References
0
reference_url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
2
reference_url http://marc.info/?l=bugtraq&m=139344343412337&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=139344343412337&w=2
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6286.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6286.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6286
reference_id
reference_type
scores
0
value 0.09459
scoring_system epss
scoring_elements 0.92812
published_at 2026-04-11T12:55:00Z
1
value 0.09459
scoring_system epss
scoring_elements 0.92807
published_at 2026-04-09T12:55:00Z
2
value 0.09459
scoring_system epss
scoring_elements 0.92803
published_at 2026-04-08T12:55:00Z
3
value 0.09459
scoring_system epss
scoring_elements 0.92794
published_at 2026-04-07T12:55:00Z
4
value 0.09459
scoring_system epss
scoring_elements 0.92796
published_at 2026-04-04T12:55:00Z
5
value 0.09459
scoring_system epss
scoring_elements 0.92785
published_at 2026-04-01T12:55:00Z
6
value 0.09459
scoring_system epss
scoring_elements 0.92791
published_at 2026-04-02T12:55:00Z
7
value 0.09459
scoring_system epss
scoring_elements 0.92822
published_at 2026-04-16T12:55:00Z
8
value 0.09459
scoring_system epss
scoring_elements 0.92811
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6286
5
reference_url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
8
reference_url http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT3216
9
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html
10
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html
11
reference_url http://tomcat.apache.org/security-5.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-5.html
12
reference_url http://tomcat.apache.org/security-6.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://tomcat.apache.org/security-6.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=432332
reference_id 432332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=432332
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
reference_id CVE-2007-6286
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-6286
reference_id CVE-2007-6286
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-6286
16
reference_url https://github.com/advisories/GHSA-qrj4-rmqg-4hcp
reference_id GHSA-qrj4-rmqg-4hcp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qrj4-rmqg-4hcp
17
reference_url https://security.gentoo.org/glsa/200804-10
reference_id GLSA-200804-10
reference_type
scores
url https://security.gentoo.org/glsa/200804-10
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score4.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7pd9-1r19-73fe