4 matches found
CVE-2024-23837
CVE-2024-23837 affects LibHTP, a security-aware HTTP parser. Crafted traffic can cause excessive HTTP header processing time, leading to a denial of service. Upstream fix is in LibHTP 0.5.46. Connected advisories note the issue across multiple distributions (Ubuntu USN-7814-1; Debian DLA-4295-1; ...
CVE-2019-17420
CVE-2019-17420 affects LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products. The vulnerability arises from an HTTP protocol parsing error that causes the http_header signature to fail to alert on a response ending with a single CRLF ("\r\n"). Impact is that such responses may bypass...
CVE-2024-45797
CVE-2024-45797 affects LibHTP prior to 0.5.49, where unbounded processing of HTTP request/response headers can cause excessive CPU and memory usage, leading to DoS-like slowdowns. The issue is addressed in LibHTP 0.5.49. Public disclosures in Ubuntu USN-7814-1 and Debian DLA-4295-1, and related O...
CVE-2025-53537
CVE-2025-53537 affects LibHTP