Описание
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.request_header and http.response_header keywords.
Ссылки
- Patch
- MitigationVendor Advisory
- Mailing List
- Mailing List
- Issue Tracking
- Patch
- MitigationVendor Advisory
- Mailing List
- Mailing List
- Issue Tracking
Уязвимые конфигурации
Одно из
EPSS
7.1 High
CVSS3
8.1 High
CVSS3
Дефекты
Связанные уязвимости
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.request_header and http.response_header keywords.
Suricata is a network Intrusion Detection System, Intrusion Prevention ...
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с использованием памяти после её освобождения, позволяющая нарушителю оказать влияние на целостность и доступность защищаемой информации
EPSS
7.1 High
CVSS3
8.1 High
CVSS3