CNNVD-202511-2827 Information

CNNVD ID

CNNVD-202511-2827

Related CVE

CVE-2025-64334

• CNNVD Published: 2025-11-26

Description (Chinese)

Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 8.0.0版本至8.0.2之前版本存在安全漏洞，该漏洞源于压缩HTTP数据解压缩时可能导致内存无限增长。

Description (English)

Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. There was a security loophole in Suricata, versions 8.0.0 to 8.2, which stemmed from the possibility that the memory could grow indefinitely when HTTP data were compressed.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Open Information Security

Published

2025-11-26

Last Modified

2026-02-24

References

https://github.com/OISF/suricata/commit/00f04daa3a44928dfdd0003cb9735469272c94a1 https://github.com/OISF/suricata/security/advisories/GHSA-r5jf-v2gx-gx8w

Patch

https://github.com/OISF/suricata/releases