Unrated severityNVD Advisory· Published Jul 20, 2015· Updated May 6, 2026
CVE-2015-3183
CVE-2015-3183
Description
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
53- www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlnvdPatch
- www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlnvdPatchThird Party Advisory
- httpd.apache.org/security/vulnerabilities_24.htmlnvdVendor Advisory
- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-10/msg00011.htmlnvdThird Party Advisory
- marc.infonvdMailing ListThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2015-1666.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-1667.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-1668.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-2661.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0061.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0062.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-2054.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-2055.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-2056.htmlnvdThird Party Advisory
- www.apache.org/dist/httpd/CHANGES_2.4nvdVendor Advisory
- www.debian.org/security/2015/dsa-3325nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlnvdMailing ListThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlnvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/75963nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/91787nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032967nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2686-1nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2015:2659nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2015:2660nvdThird Party Advisory
- github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6nvdThird Party Advisory
- github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73nvdThird Party Advisory
- h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party Advisory
- h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party AdvisoryVDB Entry
- lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3EnvdThird Party Advisory
- puppet.com/security/cve/CVE-2015-3183nvdThird Party Advisory
- security.gentoo.org/glsa/201610-02nvdThird Party Advisory
- support.apple.com/HT205219nvdThird Party AdvisoryVDB Entry
- support.apple.com/kb/HT205031nvdThird Party AdvisoryVDB Entry
- lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlnvdMailing List
- lists.apple.com/archives/security-announce/2015/Sep/msg00004.htmlnvdMailing List
News mentions
0No linked articles in our index yet.