CVE-2026-22263
- Source
- https://cve.org/CVERecord?id=CVE-2026-22263
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-22263.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-22263
- Aliases
-
- GHSA-rwc5-hxj6-hwx7
- Downstream
- Published
- 2026-01-27T18:27:45.351Z
- Modified
- 2026-03-01T02:56:06.130139Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- Suricata http1: quadratic complexity in headers parsing over multiple packets
- Details
-
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-1050" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22263.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22263.json
- https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428
- https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7
- https://nvd.nist.gov/vuln/detail/CVE-2026-22263
- https://redmine.openinfosecfoundation.org/issues/8201