LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
{ "vanir_signatures": [ { "deprecated": false, "signature_type": "Function", "source": "https://github.com/oisf/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a", "target": { "file": "htp/htp_request.c", "function": "htp_connp_REQ_HEADERS" }, "signature_version": "v1", "digest": { "function_hash": "326996536456681381520762959134557183532", "length": 2341.0 }, "id": "CVE-2024-23837-37d33ccb" }, { "deprecated": false, "signature_type": "Line", "source": "https://github.com/oisf/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a", "target": { "file": "htp/htp_request.c" }, "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "94699668142441883860001977988921385600", "9343111614226818352166505047567412274", "276571502925875683918506425351582911103", "285604449002618065100796546582523376870", "113555999883347393169974635474450608176", "75331160813435535477058174706823975828" ] }, "id": "CVE-2024-23837-d97369dc" }, { "deprecated": false, "signature_type": "Function", "source": "https://github.com/oisf/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a", "target": { "file": "htp/htp_response.c", "function": "htp_connp_RES_HEADERS" }, "signature_version": "v1", "digest": { "function_hash": "66881056776851135965698242475482980791", "length": 4288.0 }, "id": "CVE-2024-23837-e24f81a5" }, { "deprecated": false, "signature_type": "Line", "source": "https://github.com/oisf/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a", "target": { "file": "htp/htp_response.c" }, "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "133036225453901820451721652519224656156", "237260322100367246947276263599575851236", "330700646841047790208413632344855916298", "272617567149177778162421525676039124692", "290096557333062269927278722753161954741", "171000010392544289656399769411418539464", "287923114168897523831744720864968961869" ] }, "id": "CVE-2024-23837-e9a0086c" } ] }