Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

OisfSuricata

4 matches found

CVE•added 2021/11/19 3:15 p.m.•53 views

CVE-2021-37592

Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.

9.8CVSS9.1AI score0.00185EPSS

CVE•added 2023/06/19 4:15 a.m.•53 views

CVE-2023-35853

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.

9.8CVSS9.3AI score0.00551EPSS

CVE•added 2020/01/06 6:15 p.m.•51 views

CVE-2019-18792

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet (containing the data) will be ignored by Suri...

9.1CVSS9AI score0.00249EPSS

CVE•added 2019/04/04 4:29 p.m.•44 views

CVE-2018-10244

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check.

9.8CVSS9.2AI score0.00668EPSS