MEDIUM🇬🇧 English

CVE-2026-22263

CVSS 5.3v3.1pub. 2026-01-27upd. 2026-01-29

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Oisf Suricata

    APP
    Oisf
    8.0.0 – 8.0.3 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-35853CRITICAL9.8ten sam produkt

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lu...

CVE-2021-37592CRITICAL9.8ten sam produkt

Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that ca...

CVE-2019-18792CRITICAL9.1ten sam produkt

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlappi...

CVE-2018-10244CRITICAL9.8ten sam produkt

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the pa...

CVE-2026-31931HIGH7.5ten sam produkt

Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alp...