Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/71880?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71880?format=api", "vulnerability_id": "VCID-6v82-zzv8-ekgs", "summary": "Suricata: Suricata: Stack overflow in Lua scripts due to large buffers", "aliases": [ { "alias": "CVE-2025-64344" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/422085?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422086?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422087?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422088?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422089?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422090?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422091?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422092?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/422093?format=api", "purl": "pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/195455?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/130060?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130024?format=api", "purl": "pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130059?format=api", "purl": "pkg:deb/debian/suricata@1:8.0.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130023?format=api", "purl": "pkg:deb/debian/suricata@1:8.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.5-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/130021?format=api", "purl": "pkg:deb/debian/suricata@1:6.0.1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1atb-t5rw-2bbh" }, { "vulnerability": "VCID-1uxf-5pwc-k7ga" }, { "vulnerability": "VCID-21rt-3hn8-pfb3" }, { "vulnerability": "VCID-5539-qgqs-4kbq" }, { "vulnerability": "VCID-5w8a-bza1-wbgj" }, { "vulnerability": "VCID-6df3-3qw8-y7em" }, { "vulnerability": "VCID-6v82-zzv8-ekgs" }, { "vulnerability": "VCID-6yuj-6mm8-tfa1" }, { "vulnerability": "VCID-92bb-nsrk-fqcq" }, { "vulnerability": "VCID-a2tx-7fad-cqhj" }, { "vulnerability": "VCID-cnu5-y92s-jkhc" }, { "vulnerability": "VCID-czvs-qygy-yug8" }, { "vulnerability": "VCID-dtqf-dgu7-zyeu" }, { "vulnerability": "VCID-dxrt-yh46-8fcs" }, { "vulnerability": "VCID-fr4e-mzjq-37gx" }, { "vulnerability": "VCID-jmux-n4ch-akhb" }, { "vulnerability": "VCID-jqfj-fhe8-5yhe" }, { "vulnerability": "VCID-m5vf-63wz-k3hg" }, { "vulnerability": "VCID-macq-4r7z-93c9" }, { "vulnerability": "VCID-njme-t96n-tbgx" }, { "vulnerability": "VCID-q2m1-bkr7-8qep" }, { "vulnerability": "VCID-qbew-mdcj-7ydd" }, { "vulnerability": "VCID-qee1-kttr-wkcv" }, { "vulnerability": "VCID-qwpp-uu2m-3yf6" }, { "vulnerability": "VCID-r954-4w98-3uh1" }, { "vulnerability": "VCID-rpc4-22es-a7cn" }, { "vulnerability": "VCID-su6k-z5q9-63hb" }, { "vulnerability": "VCID-u12d-1jnd-vkcw" }, { "vulnerability": "VCID-unn5-8jp7-tqa6" }, { "vulnerability": "VCID-vn2j-46nc-1qf3" }, { "vulnerability": "VCID-wq6a-dhch-xbc7" }, { "vulnerability": "VCID-wykc-ehr3-s3b7" }, { "vulnerability": "VCID-x9t5-4suk-e3bk" }, { "vulnerability": "VCID-xsn9-rbtm-uqh1" }, { "vulnerability": "VCID-yqcu-qzpx-63a8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/195454?format=api", "purl": "pkg:deb/debian/suricata@1:6.0.1-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1atb-t5rw-2bbh" }, { "vulnerability": "VCID-1pjf-8yhu-pkh9" }, { "vulnerability": "VCID-1uxf-5pwc-k7ga" }, { "vulnerability": "VCID-21rt-3hn8-pfb3" }, { "vulnerability": "VCID-5539-qgqs-4kbq" }, { "vulnerability": "VCID-5w8a-bza1-wbgj" }, { "vulnerability": "VCID-6df3-3qw8-y7em" }, { "vulnerability": "VCID-6qtc-ps1x-syc8" }, { "vulnerability": "VCID-6qyu-ra8b-r3ez" }, { "vulnerability": "VCID-6v82-zzv8-ekgs" }, { "vulnerability": "VCID-6yuj-6mm8-tfa1" }, { "vulnerability": "VCID-92bb-nsrk-fqcq" }, { "vulnerability": "VCID-9c7x-dfsd-v3cr" }, { "vulnerability": "VCID-a2tx-7fad-cqhj" }, { "vulnerability": "VCID-b4n6-r2tx-ybcr" }, { "vulnerability": "VCID-c91r-nd8x-qfcb" }, { "vulnerability": "VCID-cnu5-y92s-jkhc" }, { "vulnerability": "VCID-czvs-qygy-yug8" }, { "vulnerability": "VCID-dtqf-dgu7-zyeu" }, { "vulnerability": "VCID-dxrt-yh46-8fcs" }, { "vulnerability": "VCID-fr4e-mzjq-37gx" }, { "vulnerability": "VCID-jmux-n4ch-akhb" }, { "vulnerability": "VCID-jqfj-fhe8-5yhe" }, { "vulnerability": "VCID-m5vf-63wz-k3hg" }, { "vulnerability": "VCID-macq-4r7z-93c9" }, { "vulnerability": "VCID-mg5k-72cx-j3h4" }, { "vulnerability": "VCID-njme-t96n-tbgx" }, { "vulnerability": "VCID-q2m1-bkr7-8qep" }, { "vulnerability": "VCID-qbew-mdcj-7ydd" }, { "vulnerability": "VCID-qee1-kttr-wkcv" }, { "vulnerability": "VCID-qwpp-uu2m-3yf6" }, { "vulnerability": "VCID-r954-4w98-3uh1" }, { "vulnerability": "VCID-rpc4-22es-a7cn" }, { "vulnerability": "VCID-su6k-z5q9-63hb" }, { "vulnerability": "VCID-u12d-1jnd-vkcw" }, { "vulnerability": "VCID-unn5-8jp7-tqa6" }, { "vulnerability": "VCID-vn2j-46nc-1qf3" }, { "vulnerability": "VCID-wq6a-dhch-xbc7" }, { "vulnerability": "VCID-wykc-ehr3-s3b7" }, { "vulnerability": "VCID-x9t5-4suk-e3bk" }, { "vulnerability": "VCID-xsn9-rbtm-uqh1" }, { "vulnerability": "VCID-yqcu-qzpx-63a8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21927", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21915", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21868", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24681", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2469", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64344" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417421", "reference_id": "2417421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417421" }, { "reference_url": "https://github.com/OISF/suricata/commit/e13fe6a90dba210a478148c4084f6f5db17c5b5a", "reference_id": "e13fe6a90dba210a478148c4084f6f5db17c5b5a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-28T15:29:12Z/" } ], "url": "https://github.com/OISF/suricata/commit/e13fe6a90dba210a478148c4084f6f5db17c5b5a" }, { "reference_url": "https://github.com/OISF/suricata/security/advisories/GHSA-93fh-cgmc-w3rx", "reference_id": "GHSA-93fh-cgmc-w3rx", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-28T15:29:12Z/" } ], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-93fh-cgmc-w3rx" } ], "weaknesses": [ { "cwe_id": 121, "name": "Stack-based Buffer Overflow", "description": "A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)." } ], "exploits": [], "severity_range_score": "7.5 - 7.5", "exploitability": "0.5", "weighted_severity": "6.8", "risk_score": 3.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6v82-zzv8-ekgs" }