Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

OisfSuricata

5 matches found

CVE•added 2024/02/26 4:27 p.m.•108 views

CVE-2024-24568

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

5.3CVSS5.3AI score0.00057EPSS

CVE•added 2024/05/07 3:15 p.m.•60 views

CVE-2024-32867

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.

5.3CVSS6.5AI score0.00847EPSS

CVE•added 2025/01/06 6:15 p.m.•55 views

CVE-2024-55626

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.

5.5CVSS4.5AI score0.00034EPSS

CVE•added 2024/10/16 7:15 p.m.•46 views

CVE-2024-45796

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue...

5.3CVSS5.1AI score0.00135EPSS

CVE•added 2014/05/30 2:55 p.m.•37 views

CVE-2013-5919

Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.

5CVSS6.8AI score0.00535EPSS