PT-2024-31778 · Libhtp+4 · Libhtp+4

Philippe Antoine

Published

2024-10-16

Updated

2025-11-07

CVE-2024-45797

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: LibHTP versions prior to 0.5.49

Description: The issue concerns unbounded processing of HTTP request and response headers, which can lead to excessive CPU time and memory utilization, resulting in extreme slowdowns. This is a problem with the LibHTP parser, which focuses on security for the HTTP protocol.

Recommendations: For versions prior to 0.5.49, update to version 0.5.49 to address the issue of excessive CPU usage due to unbounded processing of HTTP headers.

Exploit

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALT-PU-2025-14099

CVE-2024-45797

DLA-4295-1

GHSA-RQQP-24CH-248F

OPENSUSE-SU-2025:15394-1

USN-7814-1

Affected Products

Alt Linux

Debian

Libhtp

Linuxmint

Ubuntu

PT-2024-31778 · Libhtp+4 · Libhtp+4

CVE-2024-45797

Weakness Enumeration

Related Identifiers

Affected Products

References · 51