{"url":"http://public2.vulnerablecode.io/api/packages/114946?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=x86_64&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"suricata","version":"7.0.6-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.0.7-r0","latest_non_vulnerable_version":"7.0.8-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52814?format=json","vulnerability_id":"VCID-32h7-m9mm-5yaq","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32867"},{"reference_url":"https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9","reference_id":"1e110d0a71db46571040b937e17a4bc9f91d6de9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"},{"reference_url":"https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66","reference_id":"2f39ba75f153ba9bdf8eedc2a839cc973dbaea66","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"},{"reference_url":"https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634","reference_id":"414f97c6695c5a2e1d378a36a6f50d7288767634","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6672","reference_id":"6672","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6672"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6673","reference_id":"6673","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6673"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/6677","reference_id":"6677","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/6677"},{"reference_url":"https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b","reference_id":"bf3d420fb709ebe074019a99e3bd3a2364524a4b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"},{"reference_url":"https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9","reference_id":"d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"},{"reference_url":"https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8","reference_id":"e6267758ed5da27f804f0c1c07f9423bdf4d72b8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5","reference_id":"GHSA-xvrx-88mv-xcq5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-07T18:45:46Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114946?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-32867"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32h7-m9mm-5yaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37323?format=json","vulnerability_id":"VCID-76e2-93ej-5yeg","summary":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38535"},{"reference_url":"https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7","reference_id":"62d5cac1b8483d5f9d2b79833a4e59f5d80129b7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7104","reference_id":"7104","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7104"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7105","reference_id":"7105","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7105"},{"reference_url":"https://redmine.openinfosecfoundation.org/issues/7112","reference_id":"7112","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://redmine.openinfosecfoundation.org/issues/7112"},{"reference_url":"https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2","reference_id":"c82fa5ca0d1ce0bd8f936e0b860707a6571373b2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563","reference_id":"GHSA-cg8j-7mwm-v563","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-11T15:02:37Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114946?format=json","purl":"pkg:apk/alpine/suricata@7.0.6-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-38535"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76e2-93ej-5yeg"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.6-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"}