CVE-2019-17420

Опубликовано: 10 окт. 2019

Источник: debian

Описание

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libhtp	fixed	1:0.5.31-1		package
libhtp	no-dsa		buster	package

Примечания

https://github.com/OISF/libhtp/pull/213

Связанные уязвимости

CVE-2019-17420

CVSS3: 5.3

ubuntu

больше 6 лет назад

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

CVE-2019-17420

CVSS3: 5.3

nvd

больше 6 лет назад

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

GHSA-9gx8-hhv8-hw56

github

больше 3 лет назад

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.