Suricata Buffer Overflow Vulnerability (CNVD-2019-34383)

Suricata is a set of network intrusion detection system IDS, intrusion prevention system IPS and network security monitoring engine developed by the Open Information Security Foundation OISF and its supported vendors, which supports multi-threading, built-in IPv6, and the ability to load...

CVE-2019-15699

CVE-2019-15699 affects Suricata 4.1.4, where the SSL/TLS parser in app-layer-ssl.c (TLSDecodeHSHelloExtensions) accesses an unallocated memory region when processing a corrupted SSLv3/TLS 1.2 HSHelloExtensions length mismatch. This can lead to memory corruption/heap issues as described in multipl...