Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-24568

Опубликовано: 26 фев. 2024
Источник: debian
EPSS Низкий

Описание

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
suricatafixed1:7.0.3-1package
suricatanot-affectedbookwormpackage
suricatanot-affectedbullseyepackage
suricatanot-affectedbusterpackage

Примечания

  • https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c

  • https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0 (suricata-7.0.3)

  • https://redmine.openinfosecfoundation.org/issues/6717

EPSS

Процентиль: 22%
0.00074
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-24568

CVSS3: 5.3
ubuntu
почти 2 года назад

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

nvd логотип

CVE-2024-24568

CVSS3: 5.3
nvd
почти 2 года назад

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

fstec логотип

BDU:2024-01184

CVSS3: 5.3
fstec
почти 2 года назад

Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать влияние на целостность защищаемой информации

EPSS

Процентиль: 22%
0.00074
Низкий