Suricata@7.0.0 Security Vulnerabilities and Issues — Suricata@7.0.0 CVE List

Lucene search

OisfSuricata7.0.0

10 matches found

CVE•added 2024/02/26 4:27 p.m.•129 views

CVE-2024-23836

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme ...

7.5CVSS7.2AI score0.00847EPSS

CVE•added 2024/02/26 4:27 p.m.•117 views

CVE-2024-23839

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been pat...

8.1CVSS7AI score0.00213EPSS

CVE•added 2024/02/26 4:27 p.m.•117 views

CVE-2024-24568

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

5.3CVSS5.3AI score0.00057EPSS

CVE•added 2024/02/26 4:27 p.m.•116 views

CVE-2024-23835

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgs...

7.5CVSS7.2AI score0.00188EPSS

CVE•added 2024/04/03 10:15 p.m.•88 views

CVE-2024-28870

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert...

7.5CVSS7.4AI score0.00462EPSS

CVE•added 2024/05/07 3:15 p.m.•66 views

CVE-2024-32664

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use ru...

7.3CVSS6.6AI score0.00185EPSS

CVE•added 2024/07/11 3:15 p.m.•65 views

CVE-2024-38535

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

7.5CVSS7.3AI score0.00826EPSS

CVE•added 2024/05/07 3:15 p.m.•63 views

CVE-2024-32867

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.

5.3CVSS6.5AI score0.00847EPSS

CVE•added 2024/05/07 3:15 p.m.•60 views

CVE-2024-32663

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workaroun...

7.5CVSS6.4AI score0.00325EPSS

CVE•added 2024/07/11 3:15 p.m.•60 views

CVE-2024-37151

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using a...

7.5CVSS6.1AI score0.00383EPSS