CVE-2025-20360

Name of the Vulnerable Software and Affected Versions Cisco Snort 3 (affected versions not specified)

Description A flaw exists in the Snort 3 HTTP Decoder that may allow a remote, unauthenticated attacker to disrupt service. The issue stems from insufficient error checking during the parsing of HTTP header MIME fields. By sending specially crafted HTTP packets, an attacker could cause the Snort 3 Detection Engine to restart, leading to a denial-of-service condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.