CVE-2015-3183

Priority
Description
The chunked transfer coding implementation in the Apache HTTP Server before
2.4.14 does not properly parse chunk headers, which allows remote attackers
to conduct HTTP request smuggling attacks via a crafted request, related to
mishandling of large chunk-size values and invalid chunk-extension
characters in modules/http/http_filters.c.
Assigned-to
mdeslaur
Notes
More Information

Updated: 2020-09-10 04:42:01 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)