VDB
CVE-2023-35853
CVE-2023-35853
PUBLISHED
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
EPSS 0.69% · 72.2th percentile
Risk Scores
EPSS Score
0.69%
72.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| oisf | suricata | 0 |
Timeline
- Jun 19, 2023 CVE Published
- Jun 19, 2023 EPSS Score
- Jul 24, 2023 EPSS Score
- Aug 29, 2023 EPSS Score
- Nov 7, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
- Jan 17, 2024 EPSS Score
- Feb 21, 2024 EPSS Score
- Mar 27, 2024 EPSS Score
- May 2, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 16, 2024 EPSS Score