Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

OisfSuricata

4 matches found

CVE•added 2025/04/10 9:15 p.m.•68 views

CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in ...

6.2CVSS6.4AI score0.00022EPSS

CVE•added 2025/04/10 8:15 p.m.•65 views

CVE-2025-29915

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...

7.5CVSS7.3AI score0.00016EPSS

CVE•added 2025/04/10 8:15 p.m.•61 views

CVE-2025-29916

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the hashsize to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can le...

6.2CVSS6AI score0.00017EPSS

CVE•added 2025/04/10 9:15 p.m.•58 views

CVE-2025-29917

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decode_base64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per t...

6.2CVSS6.4AI score0.00017EPSS