Suricata HTTP Header Parsing Inefficiency Leading to Performance Degradation

Vulnerability

A performance degradation vulnerability has been identified in Suricata, a network IDS, IPS, and NSM engine, affecting versions from 8.0.0 up to, but not including, 8.0.3. The issue arises from an inefficiency in HTTP/1 header parsing, which can cause a slowdown when headers are processed over multiple packets. This vulnerability has been patched in version 8.0.3.

Impact

Exploitation of this vulnerability can cause a moderate slowdown when HTTP/1 headers are processed over multiple packets, due to the introduction of quadratic complexity in the parsing process.
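
To illustrate the quadratic cost described above, here is an added example (not Suricata's code; this page does not describe the actual defect) that models a generic streaming parser searching for the end-of-headers marker. The `Scanner` type, the rescan-from-offset-0 behaviour, the 16-byte segment size and the constructed sample request are all assumptions made for illustration.

```rust
// Added illustration: a generic streaming-parser model, not Suricata's code.
const END: &[u8] = b"\r\n\r\n"; // end-of-headers marker

/// Buffers segments and counts bytes examined while searching for END.
struct Scanner { buf: Vec<u8>, resume_at: usize, examined: u64, incremental: bool }

impl Scanner {
    fn new(incremental: bool) -> Self {
        Scanner { buf: Vec::new(), resume_at: 0, examined: 0, incremental }
    }
    /// Feed one segment; returns true once the header block is complete.
    fn feed(&mut self, seg: &[u8]) -> bool {
        self.buf.extend_from_slice(seg);
        // Assumed inefficient pattern: restart the search at offset 0 every time.
        let start = if self.incremental { self.resume_at } else { 0 };
        let hay = &self.buf[start..];
        match hay.windows(END.len()).position(|w| w == END) {
            Some(pos) => { self.examined += (pos + END.len()) as u64; true }
            None => {
                self.examined += hay.len() as u64;
                // Re-check only the last 3 bytes, in case END straddles segments.
                self.resume_at = self.buf.len().saturating_sub(END.len() - 1);
                false
            }
        }
    }
}

/// Bytes examined to find END when `headers` arrives in `seg_len`-byte segments.
fn cost(headers: &[u8], seg_len: usize, incremental: bool) -> u64 {
    let mut s = Scanner::new(incremental);
    for seg in headers.chunks(seg_len) {
        if s.feed(seg) { break; }
    }
    s.examined
}

/// Constructed sample: a request carrying `n` fixed-size filler header lines.
fn sample(n: usize) -> Vec<u8> {
    let mut v = b"GET / HTTP/1.1\r\nHost: example.test\r\n".to_vec();
    for i in 0..n { v.extend_from_slice(format!("X-Pad-{:04}: v\r\n", i).as_bytes()); }
    v.extend_from_slice(b"\r\n");
    v
}

fn main() {
    for n in [100, 200, 400] {
        let h = sample(n);
        println!("{:5} B  rescan={:8}  incremental={:6}", h.len(), cost(&h, 16, false), cost(&h, 16, true));
    }
}
```

Doubling the header size roughly quadruples the rescan cost while the incremental cost only doubles; a scaling assertion of this kind can serve as a regression test for a streaming parser.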

Remediation

Users are advised to upgrade to Suricata version 8.0.3, where this vulnerability has been patched.

Added: Jan 27, 2026, 7:25 PM
Updated: Jan 27, 2026, 7:25 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 0.6
exploitability: 5.3
remediation: 7.7
relevance: 2.3
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.