CVE-2024-23837

CVSS V2 None CVSS V3 None

Description

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

Overview

CVE ID
CVE-2024-23837

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2024-02-26T16:17:24.372Z

Last Modified Date
2024-02-26T16:17:24.372Z

Weakness Enumerations

CWE	URL
CWE-770	http://cwe.mitre.org/data/definitions/770.html

References

Reference URL	Reference Tags
https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m	x_refsource_CONFIRM
https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a	x_refsource_MISC
https://redmine.openinfosecfoundation.org/issues/6444	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-23837
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23837

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 07:21:50				Added to TrackCVE