Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@5.5.16
purl pkg:maven/org.apache.tomcat/tomcat@5.5.16
Tags Ghost
Next non-vulnerable version 9.0.117
Latest non-vulnerable version 11.0.21
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-86ur-vudp-4yc2
Aliases:
CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
5.5.17,
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:28.706307+00:00 GHSA Importer Fixing VCID-bhq7-d545-27bj https://github.com/advisories/GHSA-pm78-wxxf-fw98 38.0.0
2026-04-01T13:08:50.370941+00:00 GithubOSV Importer Fixing VCID-bhq7-d545-27bj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pm78-wxxf-fw98/GHSA-pm78-wxxf-fw98.json 38.0.0
2026-04-01T12:49:57.325250+00:00 GitLab Importer Fixing VCID-bhq7-d545-27bj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2006-7196.yml 38.0.0
2026-04-01T12:38:19.323971+00:00 Apache Tomcat Importer Affected by VCID-86ur-vudp-4yc2 https://tomcat.apache.org/security-5.html 38.0.0