Количество 31
Количество 31
CVE-2015-3183
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
CVE-2015-3183
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
CVE-2015-3183
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
CVE-2015-3183
The chunked transfer coding implementation in the Apache HTTP Server b ...
GHSA-4g3x-jprw-h46m
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.
BDU:2015-10927
Уязвимость веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2015:1885-2
Security update for apache2
SUSE-SU-2015:1885-1
Security update for apache2
GHSA-892q-vvcr-v6j5
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
ELSA-2015-1668
ELSA-2015-1668: httpd security update (MODERATE)
BDU:2015-10928
Уязвимость веб-сервера Apache HTTP Server, позволяющая нарушителю передавать скрытые http-запросы
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-3183 The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. | CVSS2: 5 | 39% Средний | около 10 лет назад |
 | CVE-2015-3183 The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. | CVSS3: 3.7 | 39% Средний | около 10 лет назад |
 | CVE-2015-3183 The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. | CVSS2: 5 | 39% Средний | около 10 лет назад |
| CVE-2015-3183 The chunked transfer coding implementation in the Apache HTTP Server b ... | CVSS2: 5 | 39% Средний | около 10 лет назад |
| GHSA-4g3x-jprw-h46m The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. | 7% Низкий | больше 3 лет назад | |
 | BDU:2015-10927 Уязвимость веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании | CVSS2: 5 | 7% Низкий | около 10 лет назад |
 | SUSE-SU-2015:1885-2 Security update for apache2 | 39% Средний | почти 10 лет назад | |
| SUSE-SU-2015:1885-1 Security update for apache2 | 39% Средний | почти 10 лет назад | |
| GHSA-892q-vvcr-v6j5 The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. | 39% Средний | больше 3 лет назад | |
| ELSA-2015-1668 ELSA-2015-1668: httpd security update (MODERATE) | около 10 лет назад | ||
| BDU:2015-10928 Уязвимость веб-сервера Apache HTTP Server, позволяющая нарушителю передавать скрытые http-запросы | CVSS2: 5 | 39% Средний | около 10 лет назад |
Уязвимостей на страницу