CVE-2024-55628
HIGHDescription
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
Is your site exposed to CVE-2024-55628?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| oisf | suricata |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-55628? +
How severe is CVE-2024-55628? +
What products are affected by CVE-2024-55628? +
How do I check if I'm vulnerable to CVE-2024-55628? +
Related Vulnerabilities
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is …
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a …
Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image …
SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on …
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in …
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service (DoS) vulnerability affects …