{"id":"CVE-2019-1010251","details":"Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2.","modified":"2026-04-10T04:13:41.678274Z","published":"2019-07-18T18:15:12.293Z","references":[{"type":"REPORT","url":"https://redmine.openinfosecfoundation.org/issues/2736"},{"type":"FIX","url":"https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe"},{"type":"FIX","url":"https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/oisf/suricata","events":[{"introduced":"0"},{"last_affected":"4b0f74214bf7d74e1d763113aec6976b88344fd5"},{"introduced":"0"},{"last_affected":"a5899fb85529b89ffd184d7c55dff57bc55cc5e9"},{"introduced":"0"},{"last_affected":"279d32843926dbb7688d9a34128d3162e9ef30a0"},{"introduced":"0"},{"last_affected":"97c224d193dfb7f4811425a4dda64519b7776560"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.0.2"},{"introduced":"0"},{"last_affected":"4.0.3"},{"introduced":"0"},{"last_affected":"4.0.5"},{"introduced":"0"},{"last_affected":"4.1.0-beta1"}]}}],"versions":["suricata-0.8.2","suricata-1.0.0","suricata-1.0.1","suricata-1.0.2","suricata-1.1","suricata-1.1beta1","suricata-1.1beta2","suricata-1.1beta3","suricata-1.1rc1","suricata-1.2","suricata-1.2.1","suricata-1.2beta1","suricata-1.2rc1","suricata-1.3","suricata-1.3.1","suricata-1.3beta1","suricata-1.3beta2","suricata-1.3rc1","suricata-1.4","suricata-1.4beta1","suricata-1.4beta2","suricata-1.4beta3","suricata-1.4rc1","suricata-2.0","suricata-2.0.1","suricata-2.0.1rc1","suricata-2.0.2","suricata-2.0beta1","suricata-2.0beta2","suricata-2.0rc1","suricata-2.0rc2","suricata-2.0rc3","suricata-2.1beta1","suricata-2.1beta2","suricata-2.1beta3","suricata-2.1beta4","suricata-3.0","suricata-3.0.1","suricata-3.0.1RC1","suricata-3.0RC1","suricata-3.0RC2","suricata-3.0RC3","suricata-3.1","suricata-3.1.1","suricata-3.1.2","suricata-3.1RC1","suricata-3.2","suricata-3.2.1","suricata-3.2RC1","suricata-3.2beta1","suricata-4.0.0","suricata-4.0.0-beta1","suricata-4.0.0-rc1","suricata-4.0.0-rc2","suricata-4.0.1","suricata-4.0.2","suricata-4.0.3","suricata-4.0.4","suricata-4.0.5","suricata-4.1.0-beta1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010251.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}