Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@5.5.11 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-18j8-kwdv-dyak
Aliases: CVE-2005-3510 GHSA-8f4w-jwqv-5cxc |
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-7pd9-1r19-73fe
Aliases: CVE-2007-6286 GHSA-qrj4-rmqg-4hcp |
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request. |
Affected by 4 other vulnerabilities. Affected by 6 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:00:32.380813+00:00 | GHSA Importer | Affected by | VCID-7pd9-1r19-73fe | https://github.com/advisories/GHSA-qrj4-rmqg-4hcp | 38.0.0 |
| 2026-04-01T16:00:27.095781+00:00 | GHSA Importer | Affected by | VCID-18j8-kwdv-dyak | https://github.com/advisories/GHSA-8f4w-jwqv-5cxc | 38.0.0 |
| 2026-04-01T12:49:57.436623+00:00 | GitLab Importer | Affected by | VCID-7pd9-1r19-73fe | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2007-6286.yml | 38.0.0 |
| 2026-04-01T12:38:18.867521+00:00 | Apache Tomcat Importer | Affected by | VCID-7pd9-1r19-73fe | https://tomcat.apache.org/security-5.html | 38.0.0 |