Suricata Security Vulnerabilities and Issues — Suricata CVE List

Lucene search

Suricata-idsSuricata

4 matches found

CVE•added 2019/09/24 8:15 p.m.•69 views

CVE-2019-16411

An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len data + 3)" places one beyond the 3 bytes, because t...

9.8CVSS9.4AI score0.00619EPSS

CVE•added 2019/09/24 8:15 p.m.•67 views

CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking.

9.1CVSS9.1AI score0.00725EPSS

CVE•added 2019/09/24 8:15 p.m.•66 views

CVE-2019-15699

An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of t...

9.1CVSS9AI score0.00607EPSS

CVE•added 2019/05/13 9:29 p.m.•45 views

CVE-2019-10053

An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.

9.8CVSS9.4AI score0.00607EPSS