Filtered by vendor Oisf
Subscriptions
Filtered by product Libhtp
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17420 | 2 Oisf, Suricata-ids | 2 Libhtp, Suricata | 2024-11-21 | 5.3 Medium |
| In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. | ||||
| CVE-2018-10243 | 1 Oisf | 1 Libhtp | 2024-11-21 | N/A |
| htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header. | ||||
| CVE-2015-0928 | 1 Oisf | 1 Libhtp | 2024-11-21 | 7.5 High |
| libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). | ||||
| CVE-2024-45797 | 1 Oisf | 1 Libhtp | 2024-10-18 | 7.5 High |
| LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49. | ||||
Page 1 of 1.