Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

OisfSuricata

4 matches found

CVE•added 2024/07/11 3:15 p.m.•63 views

CVE-2024-38536

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to http.memcap being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.

7.5CVSS7.3AI score0.00532EPSS

CVE•added 2024/07/11 3:15 p.m.•62 views

CVE-2024-38535

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

7.5CVSS7.3AI score0.00907EPSS

CVE•added 2024/07/11 3:15 p.m.•59 views

CVE-2024-37151

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using a...

7.5CVSS6.1AI score0.00352EPSS

CVE•added 2024/07/11 3:15 p.m.•50 views

CVE-2024-38534

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue.

7.5CVSS7.3AI score0.00186EPSS