阿里巴巴集团
Company Details
Linkedin ID:
alibaba-group
Website:
Employees number:
82,388
Number of followers:
1,403,000
NAICS:
None
Industry Type:
Homepage:
alibabagroup.com
IP Addresses:
929
Company ID:
阿里巴_3354202
Scan Status:
Completed
阿里巴巴集团 Company CyberSecurity Posture
alibabagroup.com
阿里巴巴集团的使命是让天下没有难做的生意。集团创立于1999年,以商品交易额(GMV)计算,目前是全球最大的网上及移动商务公司。阿里巴巴集团为企业提供根本的互联网基础设施以及营销平台,让其可借助互联网的力量,建立网上业务并与数以亿计的消费者和其他企业进行商贸活动。 阿里巴巴集团的主要业务包括: 中国最大的网上购物平台淘宝网(www.taobao.com) 中国最大的为品牌及零售商而设的第三方平台天猫(www.tmall.com) 中国最受欢迎的团购网站聚划算(www.juhuasuan.com) 领先的网上旅游服务预订平台去啊(www.alitrip.com) 让全球消费者直接购买中国产品的网上零售市场全球速卖通(www.aliexpress.com) 中国最大的小企业全球网上批发平台阿里巴巴国际交易市场(www.alibaba.com) 中国领先的网上批发市场1688(www.1688.com) 以企业及创业者为对象的云计算服务供应商阿里云计算(www.aliyun.com)
阿里巴巴集团 A.I CyberSecurity Scoring
阿里巴巴集团 Risk Score (AI oriented)Between 750 and 799
阿里巴巴集团
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
阿里巴巴集团 Global Score (TPRM)XXXX
阿里巴巴集团
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
阿里巴巴集团 Company CyberSecurity News & History
Past Incidents
5
Attack Types
2
Alibaba.com
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: Chinese police arrested 21 suspects for theft of customer information from Alibaba Group Holding’s logistics affiliate Cainiao Network. More than 10 million pieces of client data was compromised. Compromised information includes user names, phone numbers and parcel tracking numbers. Barcode scanners used in its distribution stations had been infected with malware. Police investigation determined that none of the illegally obtained data had been shared with any third parties.
Alibaba Group
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: An Alibaba-owned project called City Brain has advanced video and processing ability for facial detection, real-time information statistics and feeds, crime and traffic offenders, and much more. City Brain exposed its own data via elastic search engine instances that were left open without any authentication It left all the data from its processing open for anybody to view. It involved 56GB of data across 22 indices that appeared to be a mix of test and production naming. Within the indices were links to a cloud system for City Brain vendors. Links and indices revealed that the data belongs to which city. Luzhou and Hangzhou are both well-known cities involved with the City Brain program.
Alibaba Group
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Alibaba, a Chinese tech giant, was found to have servers that were used for data theft, with at least 72 servers sending data to China. Media have been informed by reputable intelligence sources that Chinese data cloud servers are transmitting user data from India to China and that equipment from Chinese technology giant Alibaba located in India may be implicated. According to reports, companies engaged in such operations have close ties to the Chinese government or the Chinese Communist Party. Intelligence agents have estimated that 72 servers are involved in the transfer of Indian user data to China and have alerted the media that a thorough investigation may soon begin to uncover Chinese cyber espionage intentions in the nation.
Alibaba Group
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Chinese police arrested 21 suspects in connection with the theft of customer information from Alibaba Group Holding’s logistics affiliate Cainiao Network. More than 10 million pieces of client data including user names, phone numbers and parcel tracking numbers were stolen from Cainiao. Barcode scanners used in its distribution stations had been infected with malware. The security breach had now been fixed. It had detected a suspicious malware infection in some of the parcel scanners used by its logistics partners. None of the illegally obtained data had been shared with any third parties.
RedMart
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A customer database containing the private information of 1.1 million RedMart user accounts was breached, and this information was then sold on an internet forum. The data leak was confirmed by a representative for e-commerce behemoth Lazada, which also owns e-grocer Redmart. It was discovered that the stolen personal data included names, phone numbers, e-mail addresses, mailing addresses, passwords that were encrypted, and a portion of credit card numbers. Customers were also cautioned by Lazada to watch out for phishing emails, in which con artists pose as Lazada representatives and request critical information.
阿里巴巴集团 Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for 阿里巴巴集团
Incidents vs 软件开发 Industry Average (This Year)
No incidents recorded for 阿里巴巴集团 in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for 阿里巴巴集团 in 2025.
Incident Types 阿里巴巴集团 vs 软件开发 Industry Avg (This Year)
No incidents recorded for 阿里巴巴集团 in 2025.
Incident History — 阿里巴巴集团 (X = Date, Y = Severity)
阿里巴巴集团 cyber incidents detection timeline including parent company and subsidiaries
阿里巴巴集团 Company Subsidiaries
阿里巴巴集团的使命是让天下没有难做的生意。集团创立于1999年,以商品交易额(GMV)计算,目前是全球最大的网上及移动商务公司。阿里巴巴集团为企业提供根本的互联网基础设施以及营销平台,让其可借助互联网的力量,建立网上业务并与数以亿计的消费者和其他企业进行商贸活动。 阿里巴巴集团的主要业务包括: 中国最大的网上购物平台淘宝网(www.taobao.com) 中国最大的为品牌及零售商而设的第三方平台天猫(www.tmall.com) 中国最受欢迎的团购网站聚划算(www.juhuasuan.com) 领先的网上旅游服务预订平台去啊(www.alitrip.com) 让全球消费者直接购买中国产品的网上零售市场全球速卖通(www.aliexpress.com) 中国最大的小企业全球网上批发平台阿里巴巴国际交易市场(www.alibaba.com) 中国领先的网上批发市场1688(www.1688.com) 以企业及创业者为对象的云计算服务供应商阿里云计算(www.aliyun.com)
Loading...
阿里巴巴集团 Similar Companies
VMware by Broadcom delivers software that unifies and streamlines hybrid cloud environments for the world’s most complex organizations. By combining public-cloud scale and agility with private-cloud security and performance, we empower our customers to modernize, optimize and protect their apps an
Thomson Reuters
Thomson Reuters is the world’s leading provider of news and information-based tools to professionals. Our worldwide network of journalists and specialist editors keep customers up to speed on global developments, with a particular focus on legal, regulatory and tax changes. Our customers operat
Intuit
Intuit is a global technology platform that helps our customers and communities overcome their most important financial challenges. Serving millions of customers worldwide with TurboTax, QuickBooks, Credit Karma and Mailchimp, we believe that everyone should have the opportunity to prosper and we wo
Upwork is the world’s work marketplace that connects businesses with independent talent from across the globe. We serve everyone from one-person startups to large, Fortune 100 enterprises with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unloc
NetSuite
Founded in 1998, Oracle NetSuite is the world’s first cloud company. For more than 25 years, NetSuite has helped businesses gain the insight, control, and agility to build and grow a successful business. First focused on financials and ERP, we now provide an AI-powered unified business system that
KPIT
About KPIT KPIT is reimagining the future of mobility, forging ahead with group companies and partners to shape a world that is cleaner, smarter, and safer. With over 25 years of specialized expertise in Mobility, KPIT is accelerating the transformation towards Software and AI-Defined Vehicles thr
.png)
阿里巴巴集团 CyberSecurity News
January 15, 2024 08:00 AM
Alibaba, TikTok woo US with AI and live-streaming e-commerce at CES trade show, setting the tone for 2024
Chinese internet giants Alibaba Group Holding and TikTok each put their technological prowess on display last week at CES 2024 in Las Vegas,...
September 06, 2023 07:00 AM
Sleight of hand: How China weaponizes software vulnerabilities
China's new vulnerability management system mandates reporting to MIIT within 48 hours, restricting pre-patch publication and POC code.
December 22, 2021 08:00 AM
Chinese regulators suspend partnership with Alibaba Cloud
Ministry of Industry and Information Technology says company did not promptly report a cybersecurity vulnerability.
June 20, 2018 07:00 AM
Chinese Interests Take a Big Seat at the AI Governance Table
This analysis by Jeffrey Ding, Paul Triolo, and Samm Sacks is accompanied by translated excerpts of the Chinese government's White Paper on...
February 28, 2018 08:00 AM
As China’s Government Mobilizes for AI Leadership, Some Challenges Will Be Tougher Than Others
The Chinese government has set high ambitions for national development in artificial intelligence technologies. Its July 2017 New Generation...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
阿里巴巴集团 CyberSecurity History Information
Official Website of 阿里巴巴集团
The official website of 阿里巴巴集团 is http://www.alibabagroup.com.
阿里巴巴集团’s AI-Generated Cybersecurity Score
According to Rankiteo, 阿里巴巴集团’s AI-generated cybersecurity score is 785, reflecting their Fair security posture.
How many security badges does 阿里巴巴集团’ have ?
According to Rankiteo, 阿里巴巴集团 currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does 阿里巴巴集团 have SOC 2 Type 1 certification ?
According to Rankiteo, 阿里巴巴集团 is not certified under SOC 2 Type 1.
Does 阿里巴巴集团 have SOC 2 Type 2 certification ?
According to Rankiteo, 阿里巴巴集团 does not hold a SOC 2 Type 2 certification.
Does 阿里巴巴集团 comply with GDPR ?
According to Rankiteo, 阿里巴巴集团 is not listed as GDPR compliant.
Does 阿里巴巴集团 have PCI DSS certification ?
According to Rankiteo, 阿里巴巴集团 does not currently maintain PCI DSS compliance.
Does 阿里巴巴集团 comply with HIPAA ?
According to Rankiteo, 阿里巴巴集团 is not compliant with HIPAA regulations.
Does 阿里巴巴集团 have ISO 27001 certification ?
According to Rankiteo,阿里巴巴集团 is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of 阿里巴巴集团
阿里巴巴集团 operates primarily in the 软件开发 industry.
Number of Employees at 阿里巴巴集团
阿里巴巴集团 employs approximately 82,388 people worldwide.
Subsidiaries Owned by 阿里巴巴集团
阿里巴巴集团 presently has no subsidiaries across any sectors.
阿里巴巴集团’s LinkedIn Followers
阿里巴巴集团’s official LinkedIn profile has approximately 1,403,000 followers.
NAICS Classification of 阿里巴巴集团
阿里巴巴集团 is classified under the NAICS code None, which corresponds to Others.
阿里巴巴集团’s Presence on Crunchbase
No, 阿里巴巴集团 does not have a profile on Crunchbase.
阿里巴巴集团’s Presence on LinkedIn
Yes, 阿里巴巴集团 maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/alibaba-group.
Cybersecurity Incidents Involving 阿里巴巴集团
As of November 27, 2025, Rankiteo reports that 阿里巴巴集团 has experienced 5 cybersecurity incidents.
Number of Peer and Competitor Companies
阿里巴巴集团 has an estimated 3 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at 阿里巴巴集团 ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Data Leak.
How does 阿里巴巴集团 detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with fixed the security breach, and communication strategy with customers were cautioned by lazada to watch out for phishing emails...
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Alibaba's Cainiao Network
Description: Chinese police arrested 21 suspects for theft of customer information from Alibaba Group Holding’s logistics affiliate Cainiao Network. More than 10 million pieces of client data was compromised, including user names, phone numbers, and parcel tracking numbers. Barcode scanners used in its distribution stations had been infected with malware. Police investigation determined that none of the illegally obtained data had been shared with any third parties.
Type: Data Breach
Attack Vector: Malware
Vulnerability Exploited: Infected Barcode Scanners
Threat Actor: 21 suspects arrested by Chinese police
Motivation: Theft of Customer Information
Title: Data Breach at Cainiao Network
Description: Chinese police arrested 21 suspects in connection with the theft of customer information from Alibaba Group Holding’s logistics affiliate Cainiao Network. More than 10 million pieces of client data including user names, phone numbers, and parcel tracking numbers were stolen from Cainiao. Barcode scanners used in its distribution stations had been infected with malware. The security breach has now been fixed.
Type: Data Breach
Attack Vector: Malware
Motivation: Data Theft
Title: City Brain Data Exposure
Description: An Alibaba-owned project called City Brain exposed its data via elastic search engine instances that were left open without any authentication. It left all the data from its processing open for anybody to view. It involved 56GB of data across 22 indices that appeared to be a mix of test and production naming. Within the indices were links to a cloud system for City Brain vendors. Links and indices revealed that the data belongs to which city. Luzhou and Hangzhou are both well-known cities involved with the City Brain program.
Type: Data Exposure
Attack Vector: Unauthenticated Elastic Search Engine Instances
Vulnerability Exploited: Open Elastic Search Instances
Title: RedMart Data Breach
Description: A customer database containing the private information of 1.1 million RedMart user accounts was breached, and this information was then sold on an internet forum.
Type: Data Breach
Title: Alibaba Servers Used for Data Theft in India
Description: Alibaba, a Chinese tech giant, was found to have servers that were used for data theft, with at least 72 servers sending data to China.
Type: Data Theft
Attack Vector: Server-based data exfiltration
Threat Actor: Chinese government or Chinese Communist Party-linked entities
Motivation: Cyber espionage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Barcode scanners.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ALI212330922
Data Compromised: User names, Phone numbers, Parcel tracking numbers
Systems Affected: Barcode scanners
Incident : Data Breach ALI138311022
Data Compromised: User names, phone numbers, parcel tracking numbers
Systems Affected: Barcode scanners
Incident : Data Exposure ALI150121222
Data Compromised: 56GB of data across 22 indices
Incident : Data Breach RED4498523
Data Compromised: Names, Phone numbers, E-mail addresses, Mailing addresses, Encrypted passwords, A portion of credit card numbers
Incident : Data Theft ALI11519623
Data Compromised: User data from India
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are User Names, Phone Numbers, Parcel Tracking Numbers, , User Names, Phone Numbers, Parcel Tracking Numbers, , Personal Information, Payment Information, and User data.
Which entities were affected by each incident ?
Incident : Data Breach ALI212330922
Entity Name: Cainiao Network
Entity Type: Logistics Company
Industry: Logistics
Location: China
Customers Affected: More than 10 million
Incident : Data Breach ALI138311022
Entity Name: Cainiao Network
Entity Type: Corporate
Industry: Logistics
Location: China
Customers Affected: More than 10 million
Incident : Data Breach RED4498523
Entity Name: RedMart
Entity Type: E-commerce
Industry: E-grocer
Customers Affected: 1100000
Incident : Data Theft ALI11519623
Entity Name: Alibaba
Entity Type: Tech Company
Industry: Technology
Location: IndiaChina
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ALI212330922
Incident : Data Breach ALI138311022
Remediation Measures: Fixed the security breach
Incident : Data Breach RED4498523
Communication Strategy: Customers were cautioned by Lazada to watch out for phishing emails.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ALI212330922
Type of Data Compromised: User names, Phone numbers, Parcel tracking numbers
Number of Records Exposed: More than 10 million
Incident : Data Breach ALI138311022
Type of Data Compromised: User names, Phone numbers, Parcel tracking numbers
Number of Records Exposed: More than 10 million
Incident : Data Breach RED4498523
Type of Data Compromised: Personal information, Payment information
Number of Records Exposed: 1100000
Sensitivity of Data: High
Data Exfiltration: Yes
Data Encryption: Passwords were encrypted
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Fixed the security breach.
References
Where can I find more information about each incident ?
Incident : Data Theft ALI11519623
Source: Media reports and intelligence sources
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Media reports and intelligence sources.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach ALI138311022
Investigation Status: Resolved
Incident : Data Theft ALI11519623
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customers were cautioned by Lazada to watch out for phishing emails..
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach RED4498523
Customer Advisories: Customers were cautioned by Lazada to watch out for phishing emails.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Customers were cautioned by Lazada to watch out for phishing emails..
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach ALI138311022
Entry Point: Barcode scanners
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ALI212330922
Root Causes: Infected Barcode Scanners
Incident : Data Breach ALI138311022
Root Causes: Malware infection in barcode scanners
Corrective Actions: Fixed the security breach
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Fixed the security breach.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an 21 suspects arrested by Chinese police and Chinese government or Chinese Communist Party-linked entities.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were User names, Phone numbers, Parcel tracking numbers, , User names, phone numbers, parcel tracking numbers, 56GB of data across 22 indices, names, phone numbers, e-mail addresses, mailing addresses, encrypted passwords, a portion of credit card numbers, and User data from India.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Barcode scanners and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were User names, phone numbers, parcel tracking numbers, encrypted passwords, a portion of credit card numbers, e-mail addresses, mailing addresses, Parcel tracking numbers, 56GB of data across 22 indices, names, phone numbers, User names, User data from India and Phone numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 20.0M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Media reports and intelligence sources.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Resolved.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Customers were cautioned by Lazada to watch out for phishing emails.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Barcode scanners.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Infected Barcode Scanners, Malware infection in barcode scanners.
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Fixed the security breach.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=alibaba-group' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
