VulnerableCode Package Details - pkg:apache/tomcat@5.5.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apache/tomcat@5.5.1

Essentials
History (1)

purl	pkg:apache/tomcat@5.5.1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-fvvt-kufu-k3a6	Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.	CVE-2008-3271

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:38:19.504159+00:00	Apache Tomcat Importer	Fixing	VCID-fvvt-kufu-k3a6	https://tomcat.apache.org/security-5.html	38.0.0