Lucene search
K

8 matches found

OSV
OSV
added 2022/05/14 1:10 a.m.1 views

GHSA-475F-74WP-PQV5 Integer Overflow or Wraparound in Apache Tomcat

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service resource consumption via a malformed chunk size in chunke...

5CVSS6.9AI score0.2006EPSS
Exploits1References60
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.31 views

Oracle: Security Advisory (ELSA-2015-1668)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.73327EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/25 12:0 a.m.40 views

Oracle Linux 7 : httpd (ELSA-2015-1667)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1667 advisory. - core: fix chunk header parsing defect CVE-2015-3183 Tenable has extracted the preceding description block directly from the Oracle Linux security...

5CVSS6.5AI score0.73327EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2015/08/24 12:0 a.m.50 views

httpd security update

2.4.6-31.0.1.el71.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-31.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185...

5CVSS0.9AI score0.73327EPSS
Exploits0
Oracle linux
Oracle linux
added 2015/08/24 12:0 a.m.57 views

httpd security update

2.2.15-47.0.1 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-47 - fix regressions caused by fix for CVE-2015-3183 2.2.15-46 - core: fix chunk header parsing defect CVE-2015-3183...

5CVSS0.7AI score0.73327EPSS
Exploits0
OSV
OSV
added 2015/07/20 12:0 a.m.3 views

UBUNTU-CVE-2015-3183

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension...

5CVSS6.3AI score0.73327EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2015/06/24 12:0 a.m.39 views

apache22 -- chunk header parsing defect

Apache Foundation reports: CVE-2015-3183 core: Fix chunk header parsing defect. Remove aprbrigadeflatten, buffering and duplicated code from the HTTPIN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters...

5CVSS6.7AI score0.73327EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/02/04 12:0 a.m.60 views

apache24 -- multiple vulnerabilities

Jim Jagielski reports: CVE-2015-3183 cve.mitre.org core: Fix chunk header parsing defect. Remove aprbrigadeflatten, buffering and duplicated code from the HTTPIN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized...

5CVSS7.3AI score0.73327EPSS
Exploits0References1
Rows per page
Query Builder