Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LibHTP's memory leak with lzma can lead to resource starvation
Vulnerability Description
LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false. This issue is fixed in version 0.5.51.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Vulnerability Title
LibHTP 安全漏洞
Vulnerability Description
LibHTP是Open Information Security基金会的一款安全感知解析器。该产品主要用于HTTP协议等。 LibHTP 0.5.50及之前版本存在安全漏洞,该漏洞源于内存泄漏问题,可能导致进程内存耗尽。
CVSS Information
N/A
Vulnerability Type
N/A