CRITICAL🇵🇱 Wersja polska

CVE-2021-37592

CVSS 9.8v3.1pub. 2021-11-19upd. 2024-11-21

Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Oisf Suricata

    APP
    Oisf
    < 5.0.86.0.0 – 6.0.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-35853CRITICAL9.8ten sam produkt

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lu...

CVE-2019-18792CRITICAL9.1ten sam produkt

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlappi...

CVE-2018-10244CRITICAL9.8ten sam produkt

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the pa...

CVE-2026-31931HIGH7.5ten sam produkt

Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alp...

CVE-2026-31932HIGH7.5ten sam produkt

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffer...