Search CVE reports


Toggle filters

1 – 6 of 6 results


CVE-2025-53537

Medium priority

Some fixes available 6 of 7

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To...

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libhtp Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-45797

Medium priority

Some fixes available 5 of 6

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization,...

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libhtp Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-28871

Medium priority

Some fixes available 3 of 5

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known...

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libhtp Fixed Fixed Fixed Not affected
Show less packages

CVE-2024-23837

Medium priority

Some fixes available 4 of 6

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libhtp Not affected Fixed Fixed Fixed
Show less packages

CVE-2019-17420

Medium priority
Needs evaluation

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

1 affected package

libhtp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libhtp Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2018-10243

Medium priority
Vulnerable

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.

3 affected packages

htp, libhtp, suricata

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
htp Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libhtp Not affected Not affected Not affected Not affected
suricata Not affected Not affected Not in release Vulnerable
Show less packages