Lucene search
K

Suricata < 7.0.16 / 8.x < 8.0.5 Multiple Vulnerabilities

🗓️ 05 Jun 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 81 Views

Suricata before 7.0.16 or 8.0.5 has HTTP/2 and header parsing vulnerabilities that may cause DoS.

Related
Refs
Code
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the NFS intrusion detection and prevention system Suricata allows a intruder to trigger a service failure.
1 Jul 202600:00
bdu_fstec
Circl
CVE-2026-45751
20 May 202614:15
circl
Circl
CVE-2026-45759
20 May 202614:15
circl
Circl
CVE-2026-45761
20 May 202614:15
circl
Circl
CVE-2026-45762
20 May 202614:15
circl
Circl
CVE-2026-45764
20 May 202614:15
circl
Circl
CVE-2026-45765
20 May 202614:15
circl
Circl
CVE-2026-45766
20 May 202614:15
circl
Circl
CVE-2026-45767
20 May 202614:15
circl
Circl
CVE-2026-45769
20 May 202614:15
circl
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(318838);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/08");

  script_cve_id(
    "CVE-2026-45751",
    "CVE-2026-45759",
    "CVE-2026-45761",
    "CVE-2026-45762",
    "CVE-2026-45764",
    "CVE-2026-45765",
    "CVE-2026-45766",
    "CVE-2026-45767",
    "CVE-2026-45769",
    "CVE-2026-46387"
  );
  script_xref(name:"IAVB", value:"2026-B-0147");

  script_name(english:"Suricata < 7.0.16 / 8.x < 8.0.5 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"An IDS/IPS solution running on the remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of OISF Suricata installed on the remote host is prior to 7.0.16 or 8.x prior to 8.0.5. It is,
therefore, affected by multiple vulnerabilities, including:

  - A protocol change while processing HTTP/2 traffic could lead to type confusion in Suricata. Crafted traffic
    may cause Suricata to crash, resulting in denial of service. (CVE-2026-45764)

  - Suricata's HTTP/2 decompression path could grow the decompressed response-body buffer without an effective
    upper bound. A crafted HTTP/2 DATA payload using a high compression ratio, such as gzip, deflate, or brotli
    compressed data, could cause Suricata to allocate excessive memory while decompressing the payload.
    (CVE-2026-46387)

  - Suricata could repeatedly perform expensive parsing of large HTTP Content-Disposition headers during HTTP
    response body processing. Crafted HTTP traffic could cause excessive CPU usage and denial of service.
    (CVE-2026-45759)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported
version number.");
  # https://github.com/OISF/suricata/security/advisories/GHSA-45p7-j5wm-8wrx
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e79fd06f");
  # https://github.com/OISF/suricata/security/advisories/GHSA-59q6-j4w8-8pjx
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e9bf7ca7");
  # https://github.com/OISF/suricata/security/advisories/GHSA-5rvq-72r5-rqhr
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4959072d");
  # https://github.com/OISF/suricata/security/advisories/GHSA-cfq5-g2v5-6652
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4f12587c");
  # https://github.com/OISF/suricata/security/advisories/GHSA-gfxq-gffp-w9rv
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1e82469b");
  # https://github.com/OISF/suricata/security/advisories/GHSA-gv2j-f6jv-3878
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?289da1bf");
  # https://github.com/OISF/suricata/security/advisories/GHSA-hg2g-r464-5593
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b433135c");
  # https://github.com/OISF/suricata/security/advisories/GHSA-jqr4-ch38-wvm6
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a01cdfc9");
  # https://github.com/OISF/suricata/security/advisories/GHSA-m8x4-c78g-r4vj
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?45c42c55");
  # https://github.com/OISF/suricata/security/advisories/GHSA-r74x-74x5-r9vm
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bb72647f");
  script_set_attribute(attribute:"solution", value:
"Upgrade Suricata to version 7.0.16 or 8.0.5 or higher.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-45764");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/05/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/05/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oisf:suricata");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oisf_suricata_win_installed.nbin", "oisf_suricata_nix_installed.nbin");
  script_require_keys("installed_sw/Open Information Security Foundation Suricata");

  exit(0);
}

include('vdf.inc');

# @tvdl-content
var vuln_data = {
  'metadata': {'spec_version': '1.0'},
  'requires': [ {'scope': 'target', 'match_one': {'os': ['linux', 'windows'] } } ],
  'checks': [
    {
      'product': {'name': 'Open Information Security Foundation Suricata', 'type': 'app'},
      'check_algorithm': 'default',
      'constraints': [
        {'fixed_version':'7.0.16'},
        {'min_version':'8.0.0', 'fixed_version':'8.0.5'}
      ]
    }
  ]
};

var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Jun 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
EPSS0.02219
81