Fluid Attacks Database

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve configuration. The setting is disabled by default.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	suricata	=1:7.0.10-1 \|\| =1:7.0.11-1 \|\| =1:7.0.11-1~bpo13+1 \|\| =1:8.0.0-1~exp1 \|\| =1:8.0.0-1~exp2 \|\| =1:8.0.0-1~exp4 \|\| =1:8.0.0-1~exp5 \|\| =1:8.0.1-1 \|\| =1:8.0.1-2 \|\| =1:8.0.1-3 \|\| =1:8.0.1-3~bpo13+1 \|\| =1:8.0.2-1 \|\| =1:8.0.2-1~bpo13+1 \|\| =1:8.0.3-1~bpo13+1 \|\| >=0 <1:8.0.3-1	1:8.0.3-1
debian 11	suricata	=1:6.0.1-3 \|\| =1:6.0.1-3+deb11u1 \|\| =1:6.0.10-1 \|\| =1:6.0.10-1~bpo11+1 \|\| =1:6.0.13-1 \|\| =1:6.0.2-1~exp1 \|\| =1:6.0.3-1 \|\| =1:6.0.3-1~exp1 \|\| =1:6.0.3-1~exp2 \|\| =1:6.0.3-2 \|\| =1:6.0.3-2~bpo11+1 \|\| =1:6.0.4-1 \|\| =1:6.0.4-2 \|\| =1:6.0.4-2~bpo10+1 \|\| =1:6.0.4-2~bpo11+1 \|\| =1:6.0.4-3 \|\| =1:6.0.5-1 \|\| =1:6.0.5-2 \|\| =1:6.0.5-2~bpo10+1 \|\| =1:6.0.5-2~bpo11+1 \|\| =1:6.0.5-3 \|\| =1:6.0.6-1 \|\| =1:6.0.6-1~bpo10+1 \|\| =1:6.0.6-1~bpo11+1 \|\| =1:6.0.6-2 \|\| =1:6.0.8-1 \|\| =1:6.0.8-1~bpo11+1 \|\| =1:6.0.9-1 \|\| =1:6.0.9-1~bpo11+1 \|\| =1:7.0.0-1 \|\| =1:7.0.0-2 \|\| =1:7.0.0-2~bpo12+1 \|\| =1:7.0.1-1 \|\| =1:7.0.10-1 \|\| =1:7.0.10-1~bpo12+1 \|\| =1:7.0.11-1 \|\| =1:7.0.11-1~bpo13+1 \|\| =1:7.0.2-1 \|\| =1:7.0.2-1~bpo12+1 \|\| =1:7.0.2-2 \|\| =1:7.0.2-2~exp1 \|\| =1:7.0.2-2~exp2 \|\| =1:7.0.3-1 \|\| =1:7.0.3-1~bpo12+1 \|\| =1:7.0.4-1 \|\| =1:7.0.5-1 \|\| =1:7.0.5-2~bpo12+1 \|\| =1:7.0.6-1 \|\| =1:7.0.6-1~bpo12+1 \|\| =1:7.0.6-2~exp1 \|\| =1:7.0.7-1 \|\| =1:7.0.7-1~bpo12+1 \|\| =1:7.0.8-1 \|\| =1:7.0.8-1~bpo12+1 \|\| =1:7.0.8-2 \|\| =1:7.0.9-1 \|\| =1:8.0.0-1~exp1 \|\| =1:8.0.0-1~exp2 \|\| =1:8.0.0-1~exp4 \|\| =1:8.0.0-1~exp5 \|\| =1:8.0.1-1 \|\| =1:8.0.1-2 \|\| =1:8.0.1-3 \|\| =1:8.0.1-3~bpo13+1 \|\| =1:8.0.2-1 \|\| =1:8.0.2-1~bpo13+1 \|\| =1:8.0.3-1 \|\| =1:8.0.3-1~bpo13+1 \|\| =1:8.0.3-2~exp1 \|\| =1:8.0.4-1 \|\| =1:8.0.4-1~bpo13+1	-
debian 13	suricata	=1:7.0.10-1 \|\| =1:7.0.10-1+deb13u1 \|\| =1:7.0.10-1+deb13u2 \|\| >=0 <1:7.0.10-1+deb13u3	1:7.0.10-1+deb13u3

Aliases

1. CVE-2026-222612. NVD-2026-222613. OSV-DEBIAN-2026-222614. OSV-2026-222615. SECURITY-TRACKER-CVE-2026-22261

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.