Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-tsyg-wngz-9fdt

Summary Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the logging of printable http bodies. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves using default HTTP response body limits and/or disabling http-body-printable logging; body logging is disabled by default.

Aliases

alias	CVE-2025-64331

Fixed_packages

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=v3.24&reponame=community

url	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=v3.24&reponame=community
purl	pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=v3.24&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=v3.24&reponame=community

url	pkg:deb/debian/suricata@1:7.0.10-1~bpo12%2B1
purl	pkg:deb/debian/suricata@1:7.0.10-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1~bpo12%252B1

url	pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u2?distro=trixie
purl	pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u4?distro=trixie
purl	pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u4%3Fdistro=trixie

url	pkg:deb/debian/suricata@1:8.0.2-1?distro=trixie
purl	pkg:deb/debian/suricata@1:8.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/suricata@1:8.0.5-1?distro=trixie
purl	pkg:deb/debian/suricata@1:8.0.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.5-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/suricata@1:6.0.1-3

purl pkg:deb/debian/suricata@1:6.0.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-22w1-cvnv-fbfy

vulnerability	VCID-32h7-m9mm-5yaq

vulnerability	VCID-3sax-gc7w-tkg4

vulnerability	VCID-5wp7-mrrm-bfav

vulnerability	VCID-6pk7-a1e5-tue1

vulnerability	VCID-76e2-93ej-5yeg

vulnerability	VCID-8e9w-87a5-23gt

vulnerability	VCID-9g2y-e2w5-4bdx

vulnerability	VCID-abr4-epyy-dqfp

vulnerability	VCID-amys-da3n-r7f4

vulnerability	VCID-b42w-r5w4-xkdu

vulnerability	VCID-b61j-jzmv-x3bj

vulnerability	VCID-chjk-tchh-kfck

vulnerability	VCID-ee7d-3mw6-9uca

vulnerability	VCID-ez39-tqb5-43gn

vulnerability	VCID-jvzd-4yuy-xbg2

vulnerability	VCID-k73c-4k81-hfb7

vulnerability	VCID-kfjv-uh1c-ckf2

vulnerability	VCID-mqaz-fh6g-kuhm

vulnerability	VCID-mu98-697y-jkde

vulnerability	VCID-np2s-r1ww-aubw

vulnerability	VCID-pfwk-5yzr-bbda

vulnerability	VCID-qbq6-7kz5-4ke6

vulnerability	VCID-qfhy-b4mk-abdv

vulnerability	VCID-r1a7-5st1-xbd1

vulnerability	VCID-rzy9-8yd5-w3cn

vulnerability	VCID-saj6-vrkq-e7h9

vulnerability	VCID-stvh-2q2x-4ffd

vulnerability	VCID-tf2g-8nbr-z3d8

vulnerability	VCID-tsyg-wngz-9fdt

vulnerability	VCID-vr4z-3xqz-v7ek

vulnerability	VCID-vr8u-frs8-4qcn

vulnerability	VCID-w2vg-8ef4-2ugq

vulnerability	VCID-wwwc-e7w5-q3aa

vulnerability	VCID-y67k-2ueg-zbhh

vulnerability	VCID-yaf8-9qwm-5ug3

vulnerability	VCID-z15c-9mdw-w7g8

vulnerability	VCID-z48f-d4p1-7qbe

vulnerability	VCID-z5qv-zqtk-63f1

vulnerability	VCID-zhyx-btu6-kket

vulnerability	VCID-zkjp-t5xv-kfht

vulnerability	VCID-zr1u-99gx-47ed

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3

url pkg:deb/debian/suricata@1:6.0.1-3?distro=trixie

purl pkg:deb/debian/suricata@1:6.0.1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-32h7-m9mm-5yaq

vulnerability	VCID-5wp7-mrrm-bfav

vulnerability	VCID-6pk7-a1e5-tue1

vulnerability	VCID-76e2-93ej-5yeg

vulnerability	VCID-abr4-epyy-dqfp

vulnerability	VCID-amys-da3n-r7f4

vulnerability	VCID-b61j-jzmv-x3bj

vulnerability	VCID-chjk-tchh-kfck

vulnerability	VCID-ee7d-3mw6-9uca

vulnerability	VCID-ez39-tqb5-43gn

vulnerability	VCID-jvzd-4yuy-xbg2

vulnerability	VCID-k73c-4k81-hfb7

vulnerability	VCID-kfjv-uh1c-ckf2

vulnerability	VCID-mqaz-fh6g-kuhm

vulnerability	VCID-mu98-697y-jkde

vulnerability	VCID-np2s-r1ww-aubw

vulnerability	VCID-pfwk-5yzr-bbda

vulnerability	VCID-qbq6-7kz5-4ke6

vulnerability	VCID-r1a7-5st1-xbd1

vulnerability	VCID-rzy9-8yd5-w3cn

vulnerability	VCID-saj6-vrkq-e7h9

vulnerability	VCID-stvh-2q2x-4ffd

vulnerability	VCID-tf2g-8nbr-z3d8

vulnerability	VCID-tsyg-wngz-9fdt

vulnerability	VCID-vr4z-3xqz-v7ek

vulnerability	VCID-vr8u-frs8-4qcn

vulnerability	VCID-w2vg-8ef4-2ugq

vulnerability	VCID-wwwc-e7w5-q3aa

vulnerability	VCID-yaf8-9qwm-5ug3

vulnerability	VCID-z15c-9mdw-w7g8

vulnerability	VCID-z48f-d4p1-7qbe

vulnerability	VCID-z5qv-zqtk-63f1

vulnerability	VCID-zhyx-btu6-kket

vulnerability	VCID-zkjp-t5xv-kfht

vulnerability	VCID-zr1u-99gx-47ed

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3%3Fdistro=trixie

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-64331

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24715
published_at	2026-06-11T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24913
published_at	2026-06-12T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24924
published_at	2026-06-13T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24908
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-64331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2417415
reference_id	2417415
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2417415

reference_url

https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2

reference_id

GHSA-v32w-j79x-pfj2

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-28T15:37:52Z/

url

https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2

Weaknesses

cwe_id	121
name	Stack-based Buffer Overflow
description	A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Exploits

Severity_range_score 7.5 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsyg-wngz-9fdt

Vulnerability Instance