{"vulnerable_configuration": [{"id": "cpe:2.3:a:oisf:suricata:-:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:-:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:0.8.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:0.8.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.0:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.0:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1:beta2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1:beta2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.1:beta3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.1:beta3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.2:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.2:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.2.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.2.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.2:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.2:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.2:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.2:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3:beta2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3:beta2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.3:beta3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.3:beta3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4:beta2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4:beta2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:1.4:beta3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:1.4:beta3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.1:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.1:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.1:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.1:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.8:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.8:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.9:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.9:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.10:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.10:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0.11:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0.11:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:rc2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:rc2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:rc3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:rc3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.0:beta2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.0:beta2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.1:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.1:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.1:beta2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.1:beta2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.1:beta3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.1:beta3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:2.1:beta4:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:2.1:beta4:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0.1:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0.1:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0.1:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0.1:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0:rc2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0:rc2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.0:rc3:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.0:rc3:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.1:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.1:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:3.2:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:3.2:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.0:rc2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.0:rc2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.0.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.0.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.0:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.0:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.0:rc2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.0:rc2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.8:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.8:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.9:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.9:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:4.1.10:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:4.1.10:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.8:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.8:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.9:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.9:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:5.0.10:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:5.0.10:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.8:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.8:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.9:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.9:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.10:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.10:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.11:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.11:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.12:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.12:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.13:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.13:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.14:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.14:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.15:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.15:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.16:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.16:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.17:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.17:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.18:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.18:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.19:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.19:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:6.0.20:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:6.0.20:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.0:-:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.0:-:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.0:rc1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.0:rc1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.0:rc2:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.0:rc2:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.0:beta1:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.0:beta1:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.1:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.1:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.2:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.2:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.3:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.3:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.4:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.4:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.5:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.5:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.6:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.6:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.7:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.7:*:*:*:*:*:*:*"}, {"id": "cpe:2.3:a:oisf:suricata:7.0.8:*:*:*:*:*:*:*", "title": "cpe:2.3:a:oisf:suricata:7.0.8:*:*:*:*:*:*:*"}], "vulnerable_configuration_cpe_2_2": [], "vulnerable_product": ["cpe:2.3:a:oisf:suricata:-:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.2:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3:beta2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.3:beta3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4:beta2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:1.4:beta3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.1:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:2.1:beta4:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0.1:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:3.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:4.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:6.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oisf:suricata:7.0.8:*:*:*:*:*:*:*"], "modified": "2025-05-29T15:47:22.367000", "published": "2025-04-10T20:15:23.330000", "assigner": "security-advisories@github.com", "capec": [{"id": "463", "name": "Padding Oracle Crypto Attack", "prerequisites": "The decryption routine does not properly authenticate the message / does not verify its integrity prior to performing the decryption operation The target system leaks data (in some way) on whether a padding error has occurred when attempting to decrypt the ciphertext. The padding oracle remains available for enough time / for as many requests as needed for the adversary to decrypt the ciphertext.", "related_weakness": ["209", "347", "354", "514", "649", "696"], "related_capecs": ["97"], "solutions": "Design: Use a message authentication code (MAC) or another mechanism to perform verification of message authenticity / integrity prior to decryption Implementation: Do not leak information back to the user as to any cryptography (e.g., padding) encountered during decryption.", "summary": "An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.", "loa": "High", "typical_severity": "High", "taxonomy": {}, "execution_flow": {}}, {"id": "475", "name": "Signature Spoofing by Improper Validation", "prerequisites": "Recipient is using a weak cryptographic signature verification algorithm or a weak implementation of a cryptographic signature verification algorithm, or the configuration of the recipient's application accepts the use of keys generated using cryptographically weak signature verification algorithms.", "related_weakness": ["295", "327", "347"], "related_capecs": ["473", "542"], "solutions": "Use programs and products that contain cryptographic elements that have been thoroughly tested for flaws in the signature verification routines.", "summary": "An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.", "loa": "Low", "typical_severity": "High", "taxonomy": {}, "execution_flow": {}}], "cwe": "CWE-347", "id": "CVE-2025-29915", "impact3": {"availability": "NONE", "confidentiality": "NONE", "integrity": "HIGH"}, "exploitability3": {"attackvector": "NETWORK", "attackcomplexity": "LOW", "privilegesrequired": "NONE", "userinteraction": "NONE", "scope": "UNCHANGED"}, "cvss3": 7.5, "impactScore3": 3.6, "exploitabilityScore3": 3.9, "lastModified": "2025-05-29T15:47:22.367000", "references": ["https://github.com/OISF/suricata/commit/d78f2c9a4e2b59f44daeddff098915084493d08d", "https://github.com/OISF/suricata/security/advisories/GHSA-7m5c-cqx4-x8mp", "https://redmine.openinfosecfoundation.org/issues/5373"], "summary": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues."}