Lucene search
K
OisfLibhtp

7 matches found

CVE
CVE
added 2024/02/26 4:17 p.m.158 views

CVE-2024-23837

CVE-2024-23837 affects LibHTP, a security-aware HTTP parser. Crafted traffic can cause excessive HTTP header processing time, leading to a denial of service. Upstream fix is in LibHTP 0.5.46. Connected advisories note the issue across multiple distributions (Ubuntu USN-7814-1; Debian DLA-4295-1; ...

7.5CVSS7.1AI score0.01193EPSS
CVE
CVE
added 2019/10/09 11:29 p.m.132 views

CVE-2019-17420

CVE-2019-17420 affects LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products. The vulnerability arises from an HTTP protocol parsing error that causes the http_header signature to fail to alert on a response ending with a single CRLF ("\r\n"). Impact is that such responses may bypass...

5.3CVSS5.2AI score0.01355EPSS
CVE
CVE
added 2024/10/16 6:45 p.m.81 views

CVE-2024-45797

CVE-2024-45797 affects LibHTP prior to 0.5.49, where unbounded processing of HTTP request/response headers can cause excessive CPU and memory usage, leading to DoS-like slowdowns. The issue is addressed in LibHTP 0.5.49. Public disclosures in Ubuntu USN-7814-1 and Debian DLA-4295-1, and related O...

7.5CVSS7.4AI score0.00705EPSS
CVE
CVE
added 2024/04/04 2:46 p.m.71 views

CVE-2024-28871

LibHTP vulnerability CVE-2024-28871 affects LibHTP 0.5.46, which may parse malformed HTTP traffic causing high CPU. A patch is in 0.5.47. Public details indicate a DoS impact; no workarounds are listed in the provided documents. Ubuntu/Red Hat advisories corroborate the patch and impact.

7.5CVSS7.5AI score0.00841EPSS
CVE
CVE
added 2019/04/04 3:10 p.m.67 views

CVE-2018-10243

CVE-2018-10243 affects LibHTP 0.5.26: the function htp_parse_authorization_digest in htp_parsers.c can cause a heap-based buffer over-read when processing an authorization digest header. This is a remote, network-exploitable condition reported across multiple sources (OSV, Debian/NASL references)...

9.8CVSS9.2AI score0.02302EPSS
CVE
CVE
added 2017/08/28 3:0 p.m.50 views

CVE-2015-0928

CVE-2015-0928 affects libhtp 0.5.15. The connected sources consistently describe a remote denial-of-service condition caused by a NULL pointer dereference in libhtp. The provided documents do not specify the exact trigger, affected products beyond libhtp, versions other than 0.5.15, or a concrete...

7.5CVSS7.2AI score0.02339EPSS
CVE
CVE
added 2025/07/23 8:35 p.m.49 views

CVE-2025-53537

CVE-2025-53537 affects LibHTP

7.5CVSS6.2AI score0.0042EPSS