CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oisf:libhtp:*:*:*:*:*:*:*:*
cpe:2.3:a:suricata-ids:suricata:4.1.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-10-10 01:06

Updated : 2024-02-04 20:39


NVD link : CVE-2019-17420

Mitre link : CVE-2019-17420

CVE.ORG link : CVE-2019-17420


JSON object : View

Products Affected

suricata-ids

  • suricata

oisf

  • libhtp
CWE
CWE-459

Incomplete Cleanup