Vulnerabilities (CVE)

Filtered by vendor Oisf Subscribe
Filtered by product Libhtp
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0928 1 Oisf 1 Libhtp 2020-03-05 5.0 MEDIUM 7.5 HIGH
libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).
CVE-2019-17420 2 Oisf, Suricata-ids 2 Libhtp, Suricata 2019-10-16 5.0 MEDIUM 5.3 MEDIUM
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
CVE-2018-10243 1 Oisf 1 Libhtp 2019-04-08 7.5 HIGH 9.8 CRITICAL
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.