Search CVE reports


Toggle filters

1 – 5 of 5 results


CVE-2024-45797

Medium priority
Needs evaluation

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization,...

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libhtp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-28871

Medium priority
Needs evaluation

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known...

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libhtp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-23837

Medium priority
Needs evaluation

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libhtp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-17420

Medium priority
Needs evaluation

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libhtp Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2018-10243

Medium priority
Vulnerable

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.

3 affected packages

htp, libhtp, suricata

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
htp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libhtp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
suricata Not affected Not affected Not in release Vulnerable Vulnerable
Show less packages