GHSA-jpqr-vh55-xqxf

Suggest an improvement
Source
https://github.com/advisories/GHSA-jpqr-vh55-xqxf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jpqr-vh55-xqxf/GHSA-jpqr-vh55-xqxf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-jpqr-vh55-xqxf
Aliases
  • CVE-2006-7197
Published
2022-05-01T07:45:38Z
Modified
2025-04-09T15:16:43Z
Summary
Apache Tomcat Buffer Over-Read
Details

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.

Database specific 
{
    "nvd_published_at": "2007-04-25T20:19:00Z",
    "severity": "HIGH",
    "github_reviewed_at": "2024-02-12T16:45:52Z",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-126"
    ]
}
References

Affected packages

Maven / org.apache.tomcat:tomcat

Package

Name
org.apache.tomcat:tomcat
View open source insights on deps.dev
Purl
pkg:maven/org.apache.tomcat/tomcat

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
5.5.15