Description
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)
WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.75)
Oracle Database Server CVE-2024-21251 Vulnerability (CVE-2024-21251)
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)