Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LibHTP's unbounded header handling leads to denial service
Vulnerability Description
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
LibHTP 安全漏洞
Vulnerability Description
LibHTP是Open Information Security基金会的一款安全感知解析器。该产品主要用于HTTP协议等。 LibHTP 0.5.49之前版本存在安全漏洞,该漏洞源于对HTTP请求和响应标头的没有进行限制,从而导致过多的CPU时间和内存利用率。
CVSS Information
N/A
Vulnerability Type
N/A