VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat@6.0.27

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.27

Essentials
History (1)

purl	pkg:maven/org.apache.tomcat/tomcat@6.0.27
Tags	Ghost

Next non-vulnerable version	9.0.117
Latest non-vulnerable version	11.0.21
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-f2zy-gq57-ufat Aliases: CVE-2010-2227 GHSA-cxg2-49rq-8gcr	Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."	6.0.28 Affected by 0 other vulnerabilities. 7.0.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-f2zy-gq57-ufat
Aliases:
CVE-2010-2227
GHSA-cxg2-49rq-8gcr

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

6.0.28
Affected by 0 other vulnerabilities.

7.0.2
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:38:17.261625+00:00	Apache Tomcat Importer	Affected by	VCID-f2zy-gq57-ufat	https://tomcat.apache.org/security-6.html	38.0.0