Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libhtp
(Oisf)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-26 | CVE-2024-23837 | LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46. | Fedora, Libhtp | 7.5 | ||
| 2019-10-10 | CVE-2019-17420 | In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. | Libhtp, Suricata | 5.3 | ||
| 2017-08-28 | CVE-2015-0928 | libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). | Libhtp | N/A | ||
| 2019-04-04 | CVE-2018-10243 | htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header. | Libhtp | 9.8 |