Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45797

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.

Published

2024-10-16T19:15:27.177

Last Modified

2025-07-09T17:02:19.447

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-770

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	oisf	libhtp	< 0.5.49	Yes

References

https://github.com/OISF/libhtp/security/advisories/GHSA-rqqp-24ch-248f Vendor Advisory, Exploit, Issue Tracking, Patch ([email protected])
https://redmine.openinfosecfoundation.org/issues/7191 Issue Tracking, Exploit, Patch, Vendor Advisory ([email protected])