{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"suricata","version":"7.0.6-r0","qualifiers":{"arch":"aarch64","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.0.7-r0","latest_non_vulnerable_version":"7.0.8-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45307?format=json","vulnerability_id":"VCID-22w1-cvnv-fbfy","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37151","reference_id":"","reference_type":"","scores":[{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66406","published_at":"2026-06-11T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66512","published_at":"2026-06-14T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66514","published_at":"2026-06-13T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66499","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37151"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37151","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37151"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7041","reference_id":"7041","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:59:30Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7041"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7042","reference_id":"7042","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:59:30Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7042"},{"reference_url":"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0","reference_id":"9d5c4273cb7e5ca65f195f7361f0d848c85180e0","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:59:30Z/"}],"url":"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"},{"reference_url":"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b","reference_id":"aab7f35c76721df19403a7c0c0025feae12f3b6b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:59:30Z/"}],"url":"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24","reference_id":"GHSA-qrp7-g66m-px24","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:59:30Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-37151"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22w1-cvnv-fbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52814?format=json","vulnerability_id":"VCID-32h7-m9mm-5yaq","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32867","reference_id":"","reference_type":"","scores":[{"value":"0.00847","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00847","scoring_system":"epss","scoring_elements":"0.75368","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00847","scoring_system":"epss","scoring_elements":"0.75373","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00847","scoring_system":"epss","scoring_elements":"0.75359","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32867"},{"reference_url":"https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9","reference_id":"1e110d0a71db46571040b937e17a4bc9f91d6de9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"},{"reference_url":"https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66","reference_id":"2f39ba75f153ba9bdf8eedc2a839cc973dbaea66","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"},{"reference_url":"https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634","reference_id":"414f97c6695c5a2e1d378a36a6f50d7288767634","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6672","reference_id":"6672","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6672"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6673","reference_id":"6673","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6673"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6677","reference_id":"6677","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6677"},{"reference_url":"https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b","reference_id":"bf3d420fb709ebe074019a99e3bd3a2364524a4b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"},{"reference_url":"https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9","reference_id":"d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"},{"reference_url":"https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8","reference_id":"e6267758ed5da27f804f0c1c07f9423bdf4d72b8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5","reference_id":"GHSA-xvrx-88mv-xcq5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-32867"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32h7-m9mm-5yaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53154?format=json","vulnerability_id":"VCID-3sax-gc7w-tkg4","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32663","reference_id":"","reference_type":"","scores":[{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58314","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58431","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58442","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58426","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32663"},{"reference_url":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64","reference_id":"08d93f7c3762781b743f88f9fdc4389eb9c3eb64","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6892","reference_id":"6892","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6892"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6900","reference_id":"6900","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6900"},{"reference_url":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd","reference_id":"c0af92295e833d1db29b184d63cd3b829451d7fd","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd"},{"reference_url":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019","reference_id":"d24b37a103c04bb2667e449e080ba4c8e56bb019","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019"},{"reference_url":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5","reference_id":"e68ec4b227d19498f364a41eb25d3182f0383ca5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r","reference_id":"GHSA-9jxm-qw9v-266r","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:39:47Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-32663"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sax-gc7w-tkg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37323?format=json","vulnerability_id":"VCID-76e2-93ej-5yeg","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38535","reference_id":"","reference_type":"","scores":[{"value":"0.01059","scoring_system":"epss","scoring_elements":"0.78037","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01059","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01059","scoring_system":"epss","scoring_elements":"0.78118","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01059","scoring_system":"epss","scoring_elements":"0.78105","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38535"},{"reference_url":"https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7","reference_id":"62d5cac1b8483d5f9d2b79833a4e59f5d80129b7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7104","reference_id":"7104","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7104"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7105","reference_id":"7105","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7105"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7112","reference_id":"7112","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7112"},{"reference_url":"https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2","reference_id":"c82fa5ca0d1ce0bd8f936e0b860707a6571373b2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563","reference_id":"GHSA-cg8j-7mwm-v563","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-38535"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76e2-93ej-5yeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37100?format=json","vulnerability_id":"VCID-r1a7-5st1-xbd1","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38534","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.71031","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.71132","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.71134","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.71121","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38534"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6987","reference_id":"6987","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:10:00Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6987"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6988","reference_id":"6988","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:10:00Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6988"},{"reference_url":"https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae","reference_id":"a753cdbe84caee3b66d0bf49b2712d29a50d67ae","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:10:00Z/"}],"url":"https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq","reference_id":"GHSA-59qg-h357-69fq","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:10:00Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114938?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-38534"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1a7-5st1-xbd1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"}