CVE-2015-3183 (retired)

Priority
Description
The chunked transfer coding implementation in the Apache HTTP Server before
2.4.14 does not properly parse chunk headers, which allows remote attackers
to conduct HTTP request smuggling attacks via a crafted request, related to
mishandling of large chunk-size values and invalid chunk-extension
characters in modules/http/http_filters.c.
Assigned-to
mdeslaur
Notes
More Information

Updated: 2019-10-09 07:52:47 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)