Search for packages
| purl | pkg:apache/tomcat@5.5.11 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7pd9-1r19-73fe
Aliases: CVE-2007-6286 GHSA-qrj4-rmqg-4hcp |
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request. |
Affected by 3 other vulnerabilities. Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:38:18.856730+00:00 | Apache Tomcat Importer | Affected by | VCID-7pd9-1r19-73fe | https://tomcat.apache.org/security-5.html | 38.0.0 |