Security #8209: eve/alert: http xff handling can lead to denial of service (7.0.x backport) - Suricata - Open Information Security Foundation

Actions

Copy link

Security #8209

closed

eve/alert: http xff handling can lead to denial of service (7.0.x backport)

Added by OISF Ticketbot about 2 months ago. Updated about 1 month ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

7.0.14

Affected Versions:

Label:

CVE:

2026-22261

Git IDs:

Severity:

LOW

Disclosure Date:

History
Notes
Property changes

Actions

Copy link

Updated by Juliana Fajardini Reichow about 2 months ago

CVE set to 2026-22261

https://github.com/OISF/suricata/security/advisories/GHSA-5jvg-5j3p-34cf

Actions

Copy link

Updated by Victor Julien about 2 months ago

Severity set to LOW

LOW as libhtp C handles part of this more efficiently.

Actions

Copy link

Updated by Victor Julien about 2 months ago

Status changed from Assigned to Resolved

Actions

Copy link

Updated by Victor Julien about 2 months ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Victor Julien about 1 month ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #8209

eve/alert: http xff handling can lead to denial of service (7.0.x backport)

Updated by Juliana Fajardini Reichow about 2 months ago

Updated by Victor Julien about 2 months ago

Updated by Victor Julien about 2 months ago

Updated by Victor Julien about 2 months ago

Updated by Victor Julien about 1 month ago