CVE-2015-3183 - HTTP Request Smuggling Vulnerability in Apache HTTP Server
Posted August 6, 2015
Assessed Risk Level: Low
A flaw in Apache HTTP Server's parsing of chunked requests could allow HTTP request smuggling attacks.
Puppet Enterprise versions prior to 3.8.2 contained vulnerable versions of Apache HTTP Server. Puppet Enterprise 3.8.2 contains an updated version of Apache HTTP Server that has fixed the vulnerability.
For more information about the vulnerability, please refer to CVE-2015-3183 .
Affected Software Versions:
- Puppet Enterprise 3.x
- Puppet Enterprise 3.8.2