Libhtp@* Security Vulnerabilities and Issues — Libhtp@* CVE List

Lucene search

OisfLibhtp*

5 matches found

CVE•added 2024/02/26 4:27 p.m.•135 views

CVE-2024-23837

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

7.5CVSS7.1AI score0.00192EPSS

CVE•added 2019/10/10 1:6 a.m.•107 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

5.3CVSS5.2AI score0.00242EPSS

CVE•added 2024/10/16 7:15 p.m.•54 views

CVE-2024-45797

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49...

7.5CVSS7.4AI score0.00243EPSS

CVE•added 2024/04/04 3:15 p.m.•51 views

CVE-2024-28871

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

7.5CVSS7.5AI score0.00488EPSS

CVE•added 3 days ago•3 views

CVE-2025-53537

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set suricata.yaml app-layer.protocols.http.li...

7.5CVSS6.2AI score0.0004EPSS