CVE-2015-3183 (retired)

Priority
Description
The chunked transfer coding implementation in the Apache HTTP Server before
2.4.14 does not properly parse chunk headers, which allows remote attackers
to conduct HTTP request smuggling attacks via a crafted request, related to
mishandling of large chunk-size values and invalid chunk-extension
characters in modules/http/http_filters.c.
Assigned-to
mdeslaur
More Information

Updated: 2019-03-26 12:15:01 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)