CVE-2026-22263 - Vulnerability Details - OpenCVE

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable yes

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428
https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7
https://redmine.openinfosecfoundation.org/issues/8201

History

Tue, 27 Jan 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 27 Jan 2026 18:45:00 +0000

Type	Values Removed	Values Added
Description		Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.
Title		Suricata http1: quadratic complexity in headers parsing over multiple packets
Weaknesses		CWE-1050
References		https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428 https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7 https://redmine.openinfosecfoundation.org/issues/8201
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-01-27T18:27:45.351Z

Updated: 2026-01-27T19:56:34.976Z

Reserved: 2026-01-07T05:19:12.923Z

Link: CVE-2026-22263

Vulnrichment

Updated: 2026-01-27T19:56:29.097Z

NVD

Status : Received

Published: 2026-01-27T19:16:14.490

Modified: 2026-01-27T19:16:14.490

Link: CVE-2026-22263

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-1050

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22263", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-07T05:19:12.923Z", "datePublished": "2026-01-27T18:27:45.351Z", "dateUpdated": "2026-01-27T19:56:34.976Z"}, "containers": {"cna": {"title": "Suricata http1: quadratic complexity in headers parsing over multiple packets", "problemTypes": [{"descriptions": [{"cweId": "CWE-1050", "lang": "en", "description": "CWE-1050: Excessive Platform Resource Consumption within a Loop", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7"}, {"name": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428"}, {"name": "https://redmine.openinfosecfoundation.org/issues/8201", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/8201"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": ">= 8.0.0, < 8.0.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-27T18:27:45.351Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available."}], "source": {"advisory": "GHSA-rwc5-hxj6-hwx7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T19:52:05.707993Z", "id": "CVE-2026-22263", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T19:56:34.976Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22263", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T19:52:05.707993Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T19:56:29.097Z"}}], "cna": {"title": "Suricata http1: quadratic complexity in headers parsing over multiple packets", "source": {"advisory": "GHSA-rwc5-hxj6-hwx7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": ">= 8.0.0, < 8.0.3"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "name": "https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/8201", "name": "https://redmine.openinfosecfoundation.org/issues/8201", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1050", "description": "CWE-1050: Excessive Platform Resource Consumption within a Loop"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-27T18:27:45.351Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22263", "state": "PUBLISHED", "dateUpdated": "2026-01-27T19:56:34.976Z", "dateReserved": "2026-01-07T05:19:12.923Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-27T18:27:45.351Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}