{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-32663","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2024-04-16T14:15:26.878Z","datePublished":"2024-05-07T14:48:20.366Z","dateUpdated":"2025-11-03T19:29:48.378Z"},"containers":{"cna":{"title":"Suricata's http2 parser contains improper compressed header handling that can lead to resource starvation","problemTypes":[{"descriptions":[{"cweId":"CWE-400","lang":"en","description":"CWE-400: Uncontrolled Resource Consumption","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-770","lang":"en","description":"CWE-770: Allocation of Resources Without Limits or Throttling","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"name":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r","tags":["x_refsource_CONFIRM"],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r"},{"name":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64","tags":["x_refsource_MISC"],"url":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64"},{"name":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd","tags":["x_refsource_MISC"],"url":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd"},{"name":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019","tags":["x_refsource_MISC"],"url":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019"},{"name":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d
3182f0383ca5","tags":["x_refsource_MISC"],"url":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5"},{"name":"https://redmine.openinfosecfoundation.org/issues/6892","tags":["x_refsource_MISC"],"url":"https://redmine.openinfosecfoundation.org/issues/6892"},{"name":"https://redmine.openinfosecfoundation.org/issues/6900","tags":["x_refsource_MISC"],"url":"https://redmine.openinfosecfoundation.org/issues/6900"}],"affected":[{"vendor":"OISF","product":"suricata","versions":[{"version":">= 7.0.0, <= 7.0.4","status":"affected"},{"version":">= 6.0.0, <= 6.0.18","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2024-05-07T14:48:20.366Z"},"descriptions":[{"lang":"en","value":"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. 
Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536)."}],"source":{"advisory":"GHSA-9jxm-qw9v-266r","discovery":"UNKNOWN"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-32663","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-07T17:39:47.421590Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:51:29.291Z"}},{"title":"CVE Program Container","references":[{"name":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r","tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r"},{"name":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64"},{"name":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd"},{"name":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019"},{"name":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5"},{"name":"https://redmine.openinfosecfoundation.org/issues/6892","tags":["x_refsource_MISC","x_transferred"],"url":"https://redmine.openinfosecfoundation.org/issues/6892"},{"name":"https://redmine.openinfosecfoundation.org/
issues/6900","tags":["x_refsource_MISC","x_transferred"],"url":"https://redmine.openinfosecfoundation.org/issues/6900"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00029.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:29:48.378Z"}}]}}