ГлавнаяУязвимости → CVE-2024-23837
7.5высокая

CVE-2024-23837

Описание

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

Затрагиваемое ПО
Oisf LibhtpFedoraproject Fedora
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4ahttps://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8mhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/https://redmine.openinfosecfoundation.org/issues/6444https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4ahttps://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8mhttps://lists.debian.org/debian-lts-announce/2025/09/msg00009.html