Every CVE whose affected-product data names Oisf Libhtp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2018-10243 — CVSS 9.8 (critical): htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an…
CVE-2024-23837 — CVSS 7.5 (high): LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to…
CVE-2025-53537 — CVSS 7.5 (high): LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a…
CVE-2015-0928 — CVSS 7.5 (high): libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).
CVE-2024-28871 — CVSS 7.5 (high): LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request…
CVE-2024-45797 — CVSS 7.5 (high): LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of…
CVE-2019-17420 — CVSS 5.3 (medium): In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature…