CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-10054

An issue was discovered in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://redmine.openinfosecfoundation.org/issues/2943
https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/
https://redmine.openinfosecfoundation.org/issues/2943
https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/

Products affected by CVE-2019-10054

Suricata-Ids » Suricata » Version: 4.1.3

cpe:2.3:a:suricata-ids:suricata:4.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10054

Products

Pricing

Contact Us