FKIE_CVE-2024-28871

Vulnerability from fkie_nvd - Published: 2024-04-04 15:15 - Updated: 2025-06-30 14:54
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.
References
security-advisories@github.comhttps://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3edPatch
security-advisories@github.comhttps://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4dPatch
security-advisories@github.comhttps://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmgVendor Advisory
security-advisories@github.comhttps://redmine.openinfosecfoundation.org/issues/6757Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3edPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4dPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmgVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://redmine.openinfosecfoundation.org/issues/6757Issue Tracking
Impacted products
Vendor Product Version
oisf libhtp 0.5.46
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oisf:libhtp:0.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "23444241-F9FB-411D-965A-76586A07A815",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available."
    },
    {
      "lang": "es",
      "value": "LibHTP es un analizador consciente de la seguridad para el protocolo HTTP y los bits y piezas relacionados. La versi\u00f3n 0.5.46 puede analizar el tr\u00e1fico de solicitudes con formato incorrecto, lo que provoca un uso excesivo de la CPU. La versi\u00f3n 0.5.47 contiene un parche para el problema. No hay workarounds disponibles."
    }
  ],
  "id": "CVE-2024-28871",
  "lastModified": "2025-06-30T14:54:40.080",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-04-04T15:15:38.647",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://redmine.openinfosecfoundation.org/issues/6757"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://redmine.openinfosecfoundation.org/issues/6757"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.