Lucene search

Libhtp Security Vulnerabilities

cve

CVE-2015-0928

libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).

7.5CVSS

7.2AI Score

0.001EPSS

2017-08-28 03:29 PM

cve

CVE-2018-10243

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.

9.8CVSS

9.2AI Score

0.005EPSS

2019-04-04 04:29 PM

cve

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

5.3CVSS

5.2AI Score

0.001EPSS

2019-10-10 01:06 AM

cve

CVE-2024-23837

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

7.5CVSS

7.1AI Score

0.0004EPSS

2024-02-26 04:27 PM

102

cve

CVE-2024-28871

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

7.5CVSS

7.5AI Score

0.0004EPSS

2024-04-04 03:15 PM