6 matches found
CVE-2026-22261 Suricata eve/alert: http1 xff handling can lead to denial of service
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...
CVE-2025-64330
A flaw was found in Suricata. This vulnerability allows a denial of service DoS via a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records, requiring the per packet alert queue to be filled with alerts followed by a pass rule...
CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
Suricata 安全漏洞
Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.13 and prior to 8.0.2 that stems from a heap overflow when logging eve.alert and eve.drop, which could lead to a crash...