Security #8209: eve/alert: http xff handling can lead to denial of service (7.0.x backport) - Suricata - Open Information Security Foundation

Actions

Copy link

Security #8209

closed

eve/alert: http xff handling can lead to denial of service (7.0.x backport)

Added by OISF Ticketbot 29 days ago. Updated 9 days ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

7.0.14

Affected Versions:

Label:

CVE:

2026-22261

Git IDs:

Severity:

LOW

Disclosure Date:

History
Notes
Property changes

Actions

Copy link

Updated by Juliana Fajardini Reichow 28 days ago

CVE set to 2026-22261

https://github.com/OISF/suricata/security/advisories/GHSA-5jvg-5j3p-34cf

Actions

Copy link

Updated by Victor Julien 27 days ago

Severity set to LOW

LOW as libhtp C handles part of this more efficiently.

Actions

Copy link

Updated by Victor Julien 27 days ago

Status changed from Assigned to Resolved

Actions

Copy link

Updated by Victor Julien 23 days ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Victor Julien 9 days ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #8209

eve/alert: http xff handling can lead to denial of service (7.0.x backport)

Updated by Juliana Fajardini Reichow 28 days ago

Updated by Victor Julien 27 days ago

Updated by Victor Julien 27 days ago

Updated by Victor Julien 23 days ago

Updated by Victor Julien 9 days ago