Vulnerabilities > Oisf > Libhtp > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-10-10 CVE-2019-17420 Improper Input Validation vulnerability in multiple products
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
network
low complexity
oisf suricata-ids CWE-20
5.0
5.0
2017-08-28 CVE-2015-0928 NULL Pointer Dereference vulnerability in Oisf Libhtp 0.5.15
libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference).
network
low complexity
oisf CWE-476
5.0
5.0