Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community

Type apk

Namespace alpine

Name suricata

Version 7.0.8-r0

Qualifiers

arch	riscv64
distroversion	v3.24
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 8.0.1-r0

Latest_non_vulnerable_version 8.0.2-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-9g2y-e2w5-4bdx

vulnerability_id VCID-9g2y-e2w5-4bdx

summary Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55626

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25928
published_at	2026-06-11T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.26128
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55626

reference_url

https://redmine.openinfosecfoundation.org/issues/7366

reference_id

7366

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:15:39Z/

url

https://redmine.openinfosecfoundation.org/issues/7366

reference_url

https://github.com/OISF/suricata/commit/dd71ef0af222a566e54dfc479dd1951dd17d7ceb

reference_id

dd71ef0af222a566e54dfc479dd1951dd17d7ceb

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:15:39Z/

url

https://github.com/OISF/suricata/commit/dd71ef0af222a566e54dfc479dd1951dd17d7ceb

reference_url

https://github.com/OISF/suricata/security/advisories/GHSA-wmg4-jqx5-4h9v

reference_id

GHSA-wmg4-jqx5-4h9v

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:15:39Z/

url

https://github.com/OISF/suricata/security/advisories/GHSA-wmg4-jqx5-4h9v

fixed_packages

url	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.8-r0%3Farch=riscv64&distroversion=v3.24&reponame=community

aliases CVE-2024-55626

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g2y-e2w5-4bdx

url VCID-amys-da3n-r7f4

vulnerability_id VCID-amys-da3n-r7f4

summary Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55629

reference_id

reference_type

scores

value	0.00525
scoring_system	epss
scoring_elements	0.67424
published_at	2026-06-11T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67515
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55629

reference_url

https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7

reference_id

6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T18:51:44Z/

url

https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7

reference_url

https://redmine.openinfosecfoundation.org/issues/7411

reference_id

7411

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T18:51:44Z/

url

https://redmine.openinfosecfoundation.org/issues/7411

reference_url

https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8

reference_id

779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T18:51:44Z/

url

https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8

reference_url

https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2

reference_id

GHSA-69wr-vhwg-84h2

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T18:51:44Z/

url

https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2

fixed_packages

url	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.8-r0%3Farch=riscv64&distroversion=v3.24&reponame=community

aliases CVE-2024-55629

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amys-da3n-r7f4

url VCID-ee7d-3mw6-9uca

vulnerability_id VCID-ee7d-3mw6-9uca

summary Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55628

reference_id

reference_type

scores

value	0.00603
scoring_system	epss
scoring_elements	0.7004
published_at	2026-06-11T12:55:00Z

value	0.00603
scoring_system	epss
scoring_elements	0.7013
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55628

reference_url

https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951

reference_id

19cf0f81335d9f787d587450f7105ad95a648951

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:14:22Z/

url

https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951

reference_url

https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d

reference_id

37f4c52b22fcdde4adf9b479cb5700f89d00768d

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:14:22Z/

url

https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d

reference_url

https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d

reference_id

3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:14:22Z/

url

https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d

reference_url

https://redmine.openinfosecfoundation.org/issues/7280

reference_id

7280

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:14:22Z/

url

https://redmine.openinfosecfoundation.org/issues/7280

reference_url

https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j

reference_id

GHSA-96w4-jqwf-qx2j

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T19:14:22Z/

url

https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j

fixed_packages

url	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@7.0.8-r0?arch=riscv64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.8-r0%3Farch=riscv64&distroversion=v3.24&reponame=community

aliases CVE-2024-55628

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ee7d-3mw6-9uca

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@7.0.8-r0%3Farch=riscv64&distroversion=v3.24&reponame=community

Package Instance