{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22263", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-07T05:19:12.923Z", "datePublished": "2026-01-27T18:27:45.351Z", "dateUpdated": "2026-01-27T19:56:34.976Z"}, "containers": {"cna": {"title": "Suricata http1: quadratic complexity in headers parsing over multiple packets", "problemTypes": [{"descriptions": [{"cweId": "CWE-1050", "lang": "en", "description": "CWE-1050: Excessive Platform Resource Consumption within a Loop", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7"}, {"name": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428"}, {"name": "https://redmine.openinfosecfoundation.org/issues/8201", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/8201"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": ">= 8.0.0, < 8.0.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-27T18:27:45.351Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available."}], "source": {"advisory": "GHSA-rwc5-hxj6-hwx7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T19:52:05.707993Z", "id": "CVE-2026-22263", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T19:56:34.976Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22263", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T19:52:05.707993Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T19:56:29.097Z"}}], "cna": {"title": "Suricata http1: quadratic complexity in headers parsing over multiple packets", "source": {"advisory": "GHSA-rwc5-hxj6-hwx7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": ">= 8.0.0, < 8.0.3"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "name": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/8201", "name": "https://redmine.openinfosecfoundation.org/issues/8201", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1050", "description": "CWE-1050: Excessive Platform Resource Consumption within a Loop"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-27T18:27:45.351Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22263", "state": "PUBLISHED", "dateUpdated": "2026-01-27T19:56:34.976Z", "dateReserved": "2026-01-07T05:19:12.923Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-27T18:27:45.351Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available."}], "id": "CVE-2026-22263", "lastModified": "2026-01-27T19:16:14.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-27T19:16:14.490", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428"}, {"source": "security-advisories@github.com", "url": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7"}, {"source": "security-advisories@github.com", "url": "https://redmine.openinfosecfoundation.org/issues/8201"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1050"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "suricata: Suricata: Denial of Service via inefficient HTTP/1 header parsing", "id": "2433481", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433481"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-1050", "details": ["A flaw was found in Suricata, a network Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Network Security Monitoring (NSM) engine. A remote attacker can exploit an inefficiency in HTTP/1 header parsing by sending multiple packets with specially crafted headers. This can lead to a significant slowdown in the system's performance, resulting in a Denial of Service (DoS)."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-22263", "public_date": "2026-01-27T18:27:45Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-22263\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-22263\nhttps://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428\nhttps://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7\nhttps://redmine.openinfosecfoundation.org/issues/8201"], "statement": "This vulnerability has a MODERATE impact. Inefficiency in HTTP/1 header parsing over multiple packets in Suricata versions 8.0.0 through 8.0.2 can lead to a denial of service (slowdown). Red Hat customers using Suricata as a network IDS/IPS/NSM engine that processes untrusted HTTP/1 traffic may be affected.", "threat_severity": "Moderate"}

{"created": "2026-01-28T12:22:20.923218+00:00", "updated": "2026-01-28T12:22:20.923246+00:00", "vendors": ["oisf", "oisf$PRODUCT$suricata"]}