VYPR
Low severityNVD Advisory· Published Oct 6, 2005· Updated Jun 16, 2026

CVE-2005-3164

CVE-2005-3164

Description

The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.tomcat:tomcatMaven
>= 4.0.1, <= 4.0.6
org.apache.tomcat:tomcatMaven
>= 4.1.0, <= 4.1.36

Affected products

6
  • cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
    Range: >=4.0.1,<=4.0.6
  • cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_05_e:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_05_e:*:*:*:*:*:*:*
    • cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_05_f:*:*:*:*:*:*:*
    • cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_05_h:*:*:*:*:*:*:*
    • cpe:2.3:a:hitachi:cosminexus_application_server:05_00_05_05_k:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 4.0.1, <= 4.0.6

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.