CVE-2025-20359

Name of the Vulnerable Software and Affected Versions Cisco Snort 3 (affected versions not specified)

Description A flaw exists in the Snort 3 HTTP Decoder that may allow a remote attacker to disclose sensitive data or cause the Snort 3 Detection Engine to crash. This issue stems from an error in buffer handling during the parsing of HTTP header MIME fields, leading to a buffer under-read. An attacker could exploit this by sending specially crafted HTTP packets through an established connection. A successful exploit could result in a denial of service (DoS) condition due to the unexpected restarting of the Snort 3 Detection Engine, or the disclosure of sensitive information within the Snort 3 data stream.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.