CVE-2015-3183 - HTTP Request Smuggling Vulnerability in Apache HTTP Server

  • Posted August 6, 2015

  • Assessed Risk Level: Low

A flaw in Apache HTTP Server's parsing of chunked requests could allow HTTP request smuggling attacks.

Puppet Enterprise versions prior to 3.8.2 contained vulnerable versions of Apache HTTP Server. Puppet Enterprise 3.8.2 contains an updated version of Apache HTTP Server that has fixed the vulnerability.

For more information about the vulnerability, please refer to CVE-2015-3183 .


Affected Software Versions:

  • Puppet Enterprise 3.x

Resolved in:

  • Puppet Enterprise 3.8.2