Unrated severityOSV Advisory· Published Jan 27, 2026· Updated Jan 27, 2026
Suricata http1: quadratic complexity in headers parsing over multiple packets
CVE-2026-22263
Description
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
3- github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428mitrex_refsource_MISC
- github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7mitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/8201mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.