CVE-2026-22263

EPSS 0.02%
Veröffentlicht 27.01.2026 18:27:45
Zuletzt bearbeitet 29.01.2026 21:00:55
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oisf ≫ Suricata Version >= 8.0.0 < 8.0.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.041

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-1050 Excessive Platform Resource Consumption within a Loop

The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.

https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7

Vendor Advisory

https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428

Patch

https://redmine.openinfosecfoundation.org/issues/8201

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2026-22263

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22263

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22263

EUVD