CNNVD-202510-018 Information
CNNVD ID
CNNVD-202510-018
Related CVE
- CNNVD Published: 2025-10-01
Description (Chinese)
Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 8.0.0版本存在安全漏洞,该漏洞源于使用ldap.responses.attribute_type关键字和转换可能导致堆栈缓冲区溢出。
Description (English)
Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. There is a security loophole in the Suricata 8.0.0 version, which stems from the use of the ldap.responses.attribute type keywords and conversions that could lead to the spilling out of the stacked buffer zone.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Open Information Security
Published
2025-10-01
Last Modified
2026-02-24
References
https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018 https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1 https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7j https://redmine.openinfosecfoundation.org/issues/7861