CVE-2025-53537 — HIGH (7.5)

Q: How severe is CVE-2025-53537?

CVE-2025-53537 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-53537?

Check the references section above for vendor advisories and patch information. Affected products include: Oisf Libhtp.

Vulnerability Description

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false. This issue is fixed in version 0.5.51.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Oisf	Libhtp	< 0.5.51

Related Weaknesses (CWE)

CWE-401

References

https://github.com/OISF/libhtp/commit/9037ea35110a0d97be5cedf8d31fb4cd9a38c7a7Patch
https://github.com/OISF/libhtp/security/advisories/GHSA-v3qq-h8mh-vph7MitigationVendor Advisory

FAQ

What is CVE-2025-53537?

CVE-2025-53537 is a vulnerability with a CVSS score of 7.5 (HIGH). LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, lea...

How severe is CVE-2025-53537?

CVE-2025-53537 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-53537?

Check the references section above for vendor advisories and patch information. Affected products include: Oisf Libhtp.