CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-64334

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2. A workaround involves disabling LZMA decompression or limiting response-body-limit size.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/OISF/suricata/commit/00f04daa3a44928dfdd0003cb9735469272c94a1
https://github.com/OISF/suricata/security/advisories/GHSA-r5jf-v2gx-gx8w

Products affected by CVE-2025-64334

Oisf » Suricata » Version: 8.0.0

cpe:2.3:a:oisf:suricata:8.0.0
Oisf » Suricata » Version: 8.0.1

cpe:2.3:a:oisf:suricata:8.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64334

Products

Pricing

Contact Us