Search for vulnerabilities
Vulnerability details: VCID-vefs-83s5-8fcv
Vulnerability ID VCID-vefs-83s5-8fcv
Aliases CVE-2015-3183
Summary An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.
Status Published
Exploitability 0.5
Weighted Severity 3.3
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-172 Encoding Error
System Score Found at
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
epss 0.27541 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.27541 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.36337 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
epss 0.38976 https://api.first.org/data/v1/epss?cve=CVE-2015-3183
apache_httpd low https://httpd.apache.org/security/json/CVE-2015-3183.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
https://api.first.org/data/v1/epss?cve=CVE-2015-3183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
1243887 https://bugzilla.redhat.com/show_bug.cgi?id=1243887
CVE-2015-3183 https://httpd.apache.org/security/json/CVE-2015-3183.json
RHSA-2015:1666 https://access.redhat.com/errata/RHSA-2015:1666
RHSA-2015:1667 https://access.redhat.com/errata/RHSA-2015:1667
RHSA-2015:1668 https://access.redhat.com/errata/RHSA-2015:1668
RHSA-2015:2661 https://access.redhat.com/errata/RHSA-2015:2661
RHSA-2016:0061 https://access.redhat.com/errata/RHSA-2016:0061
RHSA-2016:0062 https://access.redhat.com/errata/RHSA-2016:0062
RHSA-2016:2054 https://access.redhat.com/errata/RHSA-2016:2054
RHSA-2016:2055 https://access.redhat.com/errata/RHSA-2016:2055
RHSA-2016:2056 https://access.redhat.com/errata/RHSA-2016:2056
USN-2686-1 https://usn.ubuntu.com/2686-1/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.9627
EPSS Score 0.27541
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:29:00.567591+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2015-3183.json 37.0.0