Lucene search
HistoryApr 04, 2024 - 3:15 p.m.
CVE-2024-28871
cve-2024-28871
libhtp
http protocol
malformed request traffic
excessive cpu usage
patch
workarounds
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
15.5%
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.
Related
ubuntucve
ubuntucve
CVE-2024-28871
2024-04-04 00:00:00
osv
osv
CVE-2024-28871
2024-04-04 15:15:38
cvelist
cvelist
CVE-2024-28871 Excessive CPU used on malformed traffic
2024-04-04 14:46:02
debiancve
debiancve
CVE-2024-28871
2024-04-04 15:15:38
veracode
veracode
Denial Of Service (DoS)
2024-04-19 07:12:48
vulnrichment
vulnrichment
CVE-2024-28871 Excessive CPU used on malformed traffic
2024-04-04 14:46:02
cve
cve
CVE-2024-28871
2024-04-04 15:15:38
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
15.5%
Related for NVD:CVE-2024-28871