
exploitDog


CVE-2026-22263

Published: 27 Jan 2026
Source: redhat
CVSS3: 5.3
EPSS: Low

Description

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

A flaw was found in Suricata, a network Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Network Security Monitoring (NSM) engine. A remote attacker can exploit an inefficiency in HTTP/1 header parsing by sending multiple packets with specially crafted headers. This can lead to a significant slowdown in the system's performance, resulting in a Denial of Service (DoS).

Report

This vulnerability has a MODERATE impact. Inefficiency in HTTP/1 header parsing over multiple packets in Suricata versions 8.0.0 through 8.0.2 can lead to a denial of service (slowdown). Red Hat customers using Suricata as a network IDS/IPS/NSM engine that processes untrusted HTTP/1 traffic may be affected.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Additional information

Status:

Moderate
Defect:
CWE-1050
https://bugzilla.redhat.com/show_bug.cgi?id=2433481 suricata: Suricata: Denial of Service via inefficient HTTP/1 header parsing

EPSS

Percentile: 5%
0.0002
Low

5.3 Medium

CVSS3

Related vulnerabilities

CVSS3: 5.3
ubuntu
2 months ago

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

CVSS3: 5.3
nvd
2 months ago

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

CVSS3: 5.3
debian
2 months ago

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0 ...

CVSS3: 7.5
fstec
3 months ago

A vulnerability in the Suricata intrusion detection and prevention system, related to excessive CPU load, that allows an attacker to cause a denial of service
