Oisf Libhtp
7 CVEs affecting Oisf Libhtp. Latest disclosed: 2025-07-23. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-10243 | Critical | 9.8 | 2019-04-04 | htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest hea… |
CVE-2025-53537 | High | 7.5 | 2025-07-23 | LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak t… |
CVE-2024-45797 | High | 7.5 | 2024-10-16 | LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and resp… |
CVE-2024-28871 | High | 7.5 | 2024-04-04 | LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessi… |
CVE-2024-23837 | High | 7.5 | 2024-02-26 | LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. Thi… |
CVE-2015-0928 | High | 7.5 | 2017-08-28 | libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). |
CVE-2019-17420 | Medium | 5.3 | 2019-10-10 | In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a r… |