CVE-2024-23837

Summary

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

Affected Software

VendorProductVersion RangeStatus
OISFlibhtp< 0.5.46affected

Weaknesses

  • CWE-770: CWE-770: Allocation of Resources Without Limits or Throttling

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References