Unrated severityNVD Advisory· Published Feb 26, 2024· Updated Nov 3, 2025
LibHTP unbounded folded header handling leads to denial service
CVE-2024-23837
Description
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/opensuse/libhtp&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/libhtp&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/libhtp&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libhtp&distro=SUSE%20Package%20Hub%2015%20SP5pkg:rpm/suse/libhtp&distro=SUSE%20Package%20Hub%2015%20SP6
< 0.5.42-bp156.3.3.1+ 4 more
- (no CPE)range: < 0.5.42-bp156.3.3.1
- (no CPE)range: < 0.5.42-bp156.3.3.1
- (no CPE)range: < 0.5.46-1.1
- (no CPE)range: < 0.5.42-bp156.3.3.1
- (no CPE)range: < 0.5.42-bp156.3.3.1
Patches
Vulnerability mechanics
References
5- github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4amitrex_refsource_MISC
- github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8mmitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/6444mitrex_refsource_MISC
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/mitre
News mentions
0No linked articles in our index yet.