{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T07:05:23.016","vulnerabilities":[{"cve":{"id":"CVE-2024-23836","sourceIdentifier":"security-advisories@github.com","published":"2024-02-26T16:27:57.693","lastModified":"2024-12-19T19:26:20.673","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service.  This vulnerability is patched in 6.0.16 or 7.0.3.  Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the `stream.reassembly.depth` value helps reduce the severity of the issue."},{"lang":"es","value":"Suricata es un sistema de detección de intrusiones en la red, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de la red. Antes de las versiones 6.0.16 y 7.0.3, un atacante podía manipular el tráfico para hacer que Suricata utilizara mucha más CPU y memoria de la necesaria para procesar el tráfico, lo que puede provocar ralentizaciones extremas y denegación de servicio. Esta vulnerabilidad está parcheada en 6.0.16 o 7.0.3. Los workarounds incluyen deshabilitar el analizador de la capa de aplicación del protocolo afectado en el yaml y reducir el valor `stream.reassembly. Depth` ayuda a reducir la gravedad del problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.16","matchCriteriaId":"E9AB3B22-820A-45AE-A0F1-B07C53FEB22E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.3","matchCriteriaId":"8AD3DB8D-5FEF-43FD-8E47-5EF72479EF29"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","matchCriteriaId":"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*","matchCriteriaId":"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"}]}]}],"references":[{"url":"https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/","source":"security-advisories@github.com","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/","source":"security-advisories@github.com","tags":["Mailing List"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6531","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6532","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6540","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6658","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6659","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6660","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6531","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6532","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6540","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6658","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6659","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://redmine.openinfosecfoundation.org/issues/6660","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]}]}}]}