DEBIAN-CVE-2024-23837

DEBIAN-CVE-2024-23837 PUBLISHED CVSS 7.5 HIGH

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	libhtp	0, 0.5.36-1, 0
Debian:12	libhtp	1:0.5.42-1, 0.5.42-1, 0
Debian:13	libhtp	0, 0
Debian:14	libhtp	0, 0

Timeline

Feb 26, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-23837 advisory

Open in Interactive Console →