CNNVD-202511-2824 Information

CNNVD ID

CNNVD-202511-2824

Related CVE

CVE-2025-64335

• CNNVD Published: 2025-11-26

Description (Chinese)

Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 8.0.0版本至8.0.2之前版本存在代码问题漏洞，该漏洞源于entropy关键字与base64_data一起使用时可能导致空指针取消引用。

Description (English)

Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. Suricata 8.0.0 to 8.2 had a code problem loophole, which stemmed from the possibility that an entropy keyword, when used with base64 data, could lead to an empty pointer being deleted.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Open Information Security

Published

2025-11-26

Last Modified

2026-02-24

References

https://github.com/OISF/suricata/commit/c935f08cd988600fd0a4f828a585b181dd5de012 https://github.com/OISF/suricata/security/advisories/GHSA-v299-h7p3-q4f2

Patch

https://github.com/OISF/suricata/releases