| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-28870 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | fixed | Suricata is a network Intrusion Detection System, Intrusion Prevention ... |
| CVE-2024-23836 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Suricata is a network Intrusion Detection System, Intrusion Prevention ... |
| CVE-2023-35853 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | In Suricata before 6.0.13, an adversary who controls an external sourc ... |
| CVE-2023-35852 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | In Suricata before 6.0.13 (when there is an adversary who controls an ... |
| CVE-2021-45098 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in Suricata before 6.0.4. It is possible to by ... |
| CVE-2021-37592 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a cl ... |
| CVE-2021-35063 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." |
| CVE-2019-1010279 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Open Information Security Foundation Suricata prior to version 4.1.3 i ... |
| CVE-2019-18792 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 5.0.0. It is possible to bypass/ev ... |
| CVE-2019-18625 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 5.0.0. It was possible to bypass/e ... |
| CVE-2019-16411 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 pa ... |
| CVE-2019-16410 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.4. By sending multiple fragmen ... |
| CVE-2019-15699 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon rec ... |
| CVE-2019-10056 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.3. The code mishandles the cas ... |
| CVE-2019-10055 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.3. The function ftp_pasv_respo ... |
| CVE-2019-10054 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.3. The function process_reply_ ... |
| CVE-2019-10053 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.x before 4.1.4. If the input o ... |
| CVE-2019-10052 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.3. If the network packet does ... |
| CVE-2019-10051 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in Suricata 4.1.3. If the function filetracker ... |
| CVE-2019-10050 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4 ... |
| Bug | Description |
|---|
| TEMP-0856648-2BC2C9 | dns: out of bound memory read |
| TEMP-0783007-4C0B51 | http uri parsing issue |
| TEMP-0000000-C04FE8 | dcerpc: exit()'s on malloc failure |
| CVE-2024-24568 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... |
| CVE-2024-23839 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... |
| CVE-2024-23835 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... |
| CVE-2019-1010251 | Open Information Security Foundation Suricata prior to version 4.1.2 i ... |
| CVE-2018-18956 | The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x b ... |
| CVE-2018-14568 | Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from ... |
| CVE-2018-10244 | Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/ ... |
| CVE-2018-10243 | htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allow ... |
| CVE-2018-10242 | Suricata version 4.0.4 incorrectly handles the parsing of the SSH bann ... |
| CVE-2018-6794 | Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerabili ... |
| CVE-2017-15377 | In Suricata before 4.x, it was possible to trigger lots of redundant c ... |
| CVE-2017-7177 | Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused ... |
| CVE-2016-10728 | An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error p ... |
| CVE-2015-8954 | The MemcmpLowercase function in Suricata before 2.0.6 improperly exclu ... |
| CVE-2015-0971 | The DER parser in Suricata before 2.0.8 allows remote attackers to cau ... |
| CVE-2015-0928 | libhtp 0.5.15 allows remote attackers to cause a denial of service (NU ... |
| CVE-2014-6603 | The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricat ... |
| CVE-2013-5919 | Suricata before 1.4.6 allows remote attackers to cause a denial of ser ... |