Open Information Security Foundation · Suricata · CVE-2025-53538
**Name of the Vulnerable Software and Affected Versions**
Suricata versions 7.0.10 and below
Suricata versions 8.0.0-beta1 through 8.0.0-rc1
**Description**
Suricata, a network IDS, IPS, and NSM engine, is affected by an issue where mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, potentially resulting in loss of visibility.
**Recommendations**
Suricata versions prior to 7.0.11: Disable the HTTP/2 parser.
Suricata versions prior to 7.0.11: Utilize a signature like `drop http2 any any -> any any (frame:http2.hdr; byte_test:1,=,0,3; byte_test:4,=,0,5; sid: 1;)` to mitigate the issue.
Suricata versions prior to 8.0.0: Disable the HTTP/2 parser.
Suricata versions prior to 8.0.0: Utilize a signature like `drop http2 any any -> any any (frame:http2.hdr; byte_test:1,=,0,3; byte_test:4,=,0,5; sid: 1;)` to mitigate the issue.
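
What the mitigation signature matches, as an added example (not code from the advisory or from Suricata): its two byte tests select frames whose type byte is 0 (DATA) and whose four-byte stream field is 0, a combination RFC 9113 section 6.1 treats as a connection error, so the rule should not hit valid traffic. The function names and sample bytes are constructed for illustration, and the buffer is assumed to start at a frame boundary after the connection preface.

```python
import struct
from typing import NamedTuple

FRAME_HEADER_LEN = 9  # RFC 9113 4.1: length(3) type(1) flags(1) stream field(4)
TYPE_DATA = 0x0

class FrameHeader(NamedTuple):
    length: int        # payload length, 24 bits
    type: int          # byte at offset 3
    flags: int         # byte at offset 4
    stream_field: int  # 4 bytes at offset 5, read as one big-endian integer

def parse_header(buf: bytes) -> FrameHeader:
    if len(buf) < FRAME_HEADER_LEN:
        raise ValueError("truncated HTTP/2 frame header")
    hi, lo, ftype, flags, stream = struct.unpack("!BHBBI", buf[:FRAME_HEADER_LEN])
    return FrameHeader((hi << 16) | lo, ftype, flags, stream)

def rule_matches(hdr: FrameHeader) -> bool:
    # byte_test:1,=,0,3 -> 1 byte at offset 3 equals 0: frame type is DATA
    # byte_test:4,=,0,5 -> 4 bytes at offset 5 equal 0: stream identifier is 0
    return hdr.type == TYPE_DATA and hdr.stream_field == 0

def scan(stream: bytes) -> list:
    """Walk back-to-back frames; return (offset, header) for each match."""
    hits, off = [], 0
    while off < len(stream):
        hdr = parse_header(stream[off:])
        if rule_matches(hdr):
            hits.append((off, hdr))
        off += FRAME_HEADER_LEN + hdr.length  # skip header and payload
    return hits

def frame(ftype: int, flags: int, stream_id: int, payload: bytes = b"") -> bytes:
    """Build one frame for the constructed sample below."""
    return (len(payload).to_bytes(3, "big") + bytes([ftype, flags])
            + stream_id.to_bytes(4, "big") + payload)

# Constructed sample, not captured traffic.
SAMPLE = (
    frame(0x4, 0x0, 0)               # SETTINGS on stream 0: valid, connection-level
    + frame(0x1, 0x4, 1, b"\x82")    # HEADERS on stream 1
    + frame(0x0, 0x1, 1, b"hello")   # DATA on stream 1: valid
    + frame(0x0, 0x0, 0, b"x")       # DATA on stream 0: invalid per RFC 9113 6.1
)

if __name__ == "__main__":
    for off, hdr in scan(SAMPLE):
        print(f"offset {off}: {hdr}")
```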