DEBIAN-CVE-2015-3183
Advisory lineage Upstream: 1 Downstream: 2
Upstream
Downstream
Published: 20 Jul 2015, 23:59
Last modified:28 Apr 2026, 20:14
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
20 Jul 2015, 23:59
Published
Vulnerability first disclosed
28 Apr 2026, 20:14
Last Modified
Vulnerability information updated
Description
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
Affected Systems
- debian•apache2
< 2.4.16-1 | < 2.4.16-1 | < 2.4.16-1 | < 2.4.16-1