Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/90487?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90487?format=api", "vulnerability_id": "VCID-tsyg-wngz-9fdt", "summary": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the logging of printable http bodies. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves using default HTTP response body limits and/or disabling http-body-printable logging; body logging is disabled by default.", "aliases": [ { "alias": "CVE-2025-64331" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/173456?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173457?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173458?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173459?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173460?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173461?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173462?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173463?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/173464?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278148?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278149?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278150?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278151?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278152?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278153?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278154?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278155?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/278156?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=v3.24&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=v3.24&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1074802?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/104781?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104750?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104780?format=api", "purl": "pkg:deb/debian/suricata@1:8.0.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104749?format=api", "purl": "pkg:deb/debian/suricata@1:8.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.5-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1074801?format=api", "purl": "pkg:deb/debian/suricata@1:6.0.1-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22w1-cvnv-fbfy" }, { "vulnerability": "VCID-32h7-m9mm-5yaq" }, { "vulnerability": "VCID-3sax-gc7w-tkg4" }, { "vulnerability": "VCID-5wp7-mrrm-bfav" }, { "vulnerability": "VCID-6pk7-a1e5-tue1" }, { "vulnerability": "VCID-76e2-93ej-5yeg" }, { "vulnerability": "VCID-8e9w-87a5-23gt" }, { "vulnerability": "VCID-9g2y-e2w5-4bdx" }, { "vulnerability": "VCID-abr4-epyy-dqfp" }, { "vulnerability": "VCID-amys-da3n-r7f4" }, { "vulnerability": "VCID-b42w-r5w4-xkdu" }, { "vulnerability": "VCID-b61j-jzmv-x3bj" }, { "vulnerability": "VCID-chjk-tchh-kfck" }, { "vulnerability": "VCID-ee7d-3mw6-9uca" }, { "vulnerability": "VCID-ez39-tqb5-43gn" }, { "vulnerability": "VCID-jvzd-4yuy-xbg2" }, { "vulnerability": "VCID-k73c-4k81-hfb7" }, { "vulnerability": "VCID-kfjv-uh1c-ckf2" }, { "vulnerability": "VCID-mqaz-fh6g-kuhm" }, { "vulnerability": "VCID-mu98-697y-jkde" }, { "vulnerability": "VCID-np2s-r1ww-aubw" }, { "vulnerability": "VCID-pfwk-5yzr-bbda" }, { "vulnerability": "VCID-qbq6-7kz5-4ke6" }, { "vulnerability": "VCID-qfhy-b4mk-abdv" }, { "vulnerability": "VCID-r1a7-5st1-xbd1" }, { "vulnerability": "VCID-rzy9-8yd5-w3cn" }, { "vulnerability": "VCID-saj6-vrkq-e7h9" }, { "vulnerability": "VCID-stvh-2q2x-4ffd" }, { "vulnerability": "VCID-tf2g-8nbr-z3d8" }, { "vulnerability": "VCID-tsyg-wngz-9fdt" }, { "vulnerability": "VCID-vr4z-3xqz-v7ek" }, { "vulnerability": "VCID-vr8u-frs8-4qcn" }, { "vulnerability": "VCID-w2vg-8ef4-2ugq" }, { "vulnerability": "VCID-wwwc-e7w5-q3aa" }, { "vulnerability": "VCID-y67k-2ueg-zbhh" }, { "vulnerability": "VCID-yaf8-9qwm-5ug3" }, { "vulnerability": "VCID-z15c-9mdw-w7g8" }, { "vulnerability": "VCID-z48f-d4p1-7qbe" }, { "vulnerability": "VCID-z5qv-zqtk-63f1" }, { "vulnerability": "VCID-zhyx-btu6-kket" }, { "vulnerability": "VCID-zkjp-t5xv-kfht" }, { "vulnerability": "VCID-zr1u-99gx-47ed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/104747?format=api", "purl": "pkg:deb/debian/suricata@1:6.0.1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32h7-m9mm-5yaq" }, { "vulnerability": "VCID-5wp7-mrrm-bfav" }, { "vulnerability": "VCID-6pk7-a1e5-tue1" }, { "vulnerability": "VCID-76e2-93ej-5yeg" }, { "vulnerability": "VCID-abr4-epyy-dqfp" }, { "vulnerability": "VCID-amys-da3n-r7f4" }, { "vulnerability": "VCID-b61j-jzmv-x3bj" }, { "vulnerability": "VCID-chjk-tchh-kfck" }, { "vulnerability": "VCID-ee7d-3mw6-9uca" }, { "vulnerability": "VCID-ez39-tqb5-43gn" }, { "vulnerability": "VCID-jvzd-4yuy-xbg2" }, { "vulnerability": "VCID-k73c-4k81-hfb7" }, { "vulnerability": "VCID-kfjv-uh1c-ckf2" }, { "vulnerability": "VCID-mqaz-fh6g-kuhm" }, { "vulnerability": "VCID-mu98-697y-jkde" }, { "vulnerability": "VCID-np2s-r1ww-aubw" }, { "vulnerability": "VCID-pfwk-5yzr-bbda" }, { "vulnerability": "VCID-qbq6-7kz5-4ke6" }, { "vulnerability": "VCID-r1a7-5st1-xbd1" }, { "vulnerability": "VCID-rzy9-8yd5-w3cn" }, { "vulnerability": "VCID-saj6-vrkq-e7h9" }, { "vulnerability": "VCID-stvh-2q2x-4ffd" }, { "vulnerability": "VCID-tf2g-8nbr-z3d8" }, { "vulnerability": "VCID-tsyg-wngz-9fdt" }, { "vulnerability": "VCID-vr4z-3xqz-v7ek" }, { "vulnerability": "VCID-vr8u-frs8-4qcn" }, { "vulnerability": "VCID-w2vg-8ef4-2ugq" }, { "vulnerability": "VCID-wwwc-e7w5-q3aa" }, { "vulnerability": "VCID-yaf8-9qwm-5ug3" }, { "vulnerability": "VCID-z15c-9mdw-w7g8" }, { "vulnerability": "VCID-z48f-d4p1-7qbe" }, { "vulnerability": "VCID-z5qv-zqtk-63f1" }, { "vulnerability": "VCID-zhyx-btu6-kket" }, { "vulnerability": "VCID-zkjp-t5xv-kfht" }, { "vulnerability": "VCID-zr1u-99gx-47ed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3%3Fdistro=trixie" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24715", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24913", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24924", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24908", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64331" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417415", "reference_id": "2417415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417415" }, { "reference_url": "https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2", "reference_id": "GHSA-v32w-j79x-pfj2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-28T15:37:52Z/" } ], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2" } ], "weaknesses": [ { "cwe_id": 121, "name": "Stack-based Buffer Overflow", "description": "A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)." } ], "exploits": [], "severity_range_score": "7.5 - 7.5", "exploitability": "0.5", "weighted_severity": "6.8", "risk_score": 3.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tsyg-wngz-9fdt" }