4 matches found
Advisory ROSA-SA-2025-2578
software: suricata 6.0.20 WASP: ROSA-CHROME packageevrstring: suricata-6.0.20-1 CVE-ID: CVE-2024-38535 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Suricata parsing HTTP/2 traffic. CVE-STATUS: Vulnerability has been resolved. CVE-REV: To close the vulnerability, run the command: dnf...
Mageia: Security Advisory (MGASA-2024-0306)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...
CVE-2024-37151
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...