Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-28871

Опубликовано: 04 апр. 2024
Источник: debian
EPSS Низкий

Описание

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libhtpfixed1:0.5.47-1package
libhtpnot-affectedbookwormpackage
libhtpnot-affectedbullseyepackage
libhtpnot-affectedbusterpackage

Примечания

  • https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg

  • Introduced by: https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d (0.5.46)

  • Fixed by: https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed (0.5.47)

  • https://redmine.openinfosecfoundation.org/issues/6757

EPSS

Процентиль: 41%
0.00188
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-28871

CVSS3: 7.5
ubuntu
почти 2 года назад

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

nvd логотип

CVE-2024-28871

CVSS3: 7.5
nvd
почти 2 года назад

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

fstec логотип

BDU:2024-03122

CVSS3: 7.5
fstec
почти 2 года назад

Уязвимость библиотеки LibHTP, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 41%
0.00188
Низкий