Overview

CVE-2015-3183 - HTTP Request Smuggling Vulnerability in Apache HTTP Server

Posted August 6, 2015
Assessed Risk Level: Low

A flaw in Apache HTTP Server's parsing of chunked requests could allow HTTP request smuggling attacks.

Puppet Enterprise versions prior to 3.8.2 contained vulnerable versions of Apache HTTP Server. Puppet Enterprise 3.8.2 contains an updated version of Apache HTTP Server that has fixed the vulnerability.

For more information about the vulnerability, please refer to CVE-2015-3183 .

Status:

Affected Software Versions:

Puppet Enterprise 3.x

Resolved in:

Puppet Enterprise 3.8.2

Overview

CVE-2015-3183 - HTTP Request Smuggling Vulnerability in Apache HTTP Server

Posted August 6, 2015

Assessed Risk Level: Low

Status: