{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90487?format=json","vulnerability_id":"VCID-tsyg-wngz-9fdt","summary":"Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the logging of printable http bodies. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves using default HTTP response body limits and/or disabling http-body-printable logging; body logging is disabled by default.","aliases":[{"alias":"CVE-2025-64331"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/173456?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173457?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173458?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173459?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173460?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173461?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173462?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173463?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/173464?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278148?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=aarch64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=aarch64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278149?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=armhf&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armhf&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278150?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=armv7&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=armv7&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278151?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=loongarch64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=loongarch64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278152?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=ppc64le&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=ppc64le&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278153?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=riscv64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=riscv64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278154?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=s390x&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=s390x&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278155?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=x86&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/278156?format=json","purl":"pkg:apk/alpine/suricata@8.0.2-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/suricata@8.0.2-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1074802?format=json","purl":"pkg:deb/debian/suricata@1:7.0.10-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/104781?format=json","purl":"pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104750?format=json","purl":"pkg:deb/debian/suricata@1:7.0.10-1%2Bdeb13u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:7.0.10-1%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104780?format=json","purl":"pkg:deb/debian/suricata@1:8.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104749?format=json","purl":"pkg:deb/debian/suricata@1:8.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:8.0.5-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074801?format=json","purl":"pkg:deb/debian/suricata@1:6.0.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22w1-cvnv-fbfy"},{"vulnerability":"VCID-32h7-m9mm-5yaq"},{"vulnerability":"VCID-3sax-gc7w-tkg4"},{"vulnerability":"VCID-5wp7-mrrm-bfav"},{"vulnerability":"VCID-6pk7-a1e5-tue1"},{"vulnerability":"VCID-76e2-93ej-5yeg"},{"vulnerability":"VCID-8e9w-87a5-23gt"},{"vulnerability":"VCID-9g2y-e2w5-4bdx"},{"vulnerability":"VCID-abr4-epyy-dqfp"},{"vulnerability":"VCID-amys-da3n-r7f4"},{"vulnerability":"VCID-b42w-r5w4-xkdu"},{"vulnerability":"VCID-b61j-jzmv-x3bj"},{"vulnerability":"VCID-chjk-tchh-kfck"},{"vulnerability":"VCID-ee7d-3mw6-9uca"},{"vulnerability":"VCID-ez39-tqb5-43gn"},{"vulnerability":"VCID-jvzd-4yuy-xbg2"},{"vulnerability":"VCID-k73c-4k81-hfb7"},{"vulnerability":"VCID-kfjv-uh1c-ckf2"},{"vulnerability":"VCID-mqaz-fh6g-kuhm"},{"vulnerability":"VCID-mu98-697y-jkde"},{"vulnerability":"VCID-np2s-r1ww-aubw"},{"vulnerability":"VCID-pfwk-5yzr-bbda"},{"vulnerability":"VCID-qbq6-7kz5-4ke6"},{"vulnerability":"VCID-qfhy-b4mk-abdv"},{"vulnerability":"VCID-r1a7-5st1-xbd1"},{"vulnerability":"VCID-rzy9-8yd5-w3cn"},{"vulnerability":"VCID-saj6-vrkq-e7h9"},{"vulnerability":"VCID-stvh-2q2x-4ffd"},{"vulnerability":"VCID-tf2g-8nbr-z3d8"},{"vulnerability":"VCID-tsyg-wngz-9fdt"},{"vulnerability":"VCID-vr4z-3xqz-v7ek"},{"vulnerability":"VCID-vr8u-frs8-4qcn"},{"vulnerability":"VCID-w2vg-8ef4-2ugq"},{"vulnerability":"VCID-wwwc-e7w5-q3aa"},{"vulnerability":"VCID-y67k-2ueg-zbhh"},{"vulnerability":"VCID-yaf8-9qwm-5ug3"},{"vulnerability":"VCID-z15c-9mdw-w7g8"},{"vulnerability":"VCID-z48f-d4p1-7qbe"},{"vulnerability":"VCID-z5qv-zqtk-63f1"},{"vulnerability":"VCID-zhyx-btu6-kket"},{"vulnerability":"VCID-zkjp-t5xv-kfht"},{"vulnerability":"VCID-zr1u-99gx-47ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/104747?format=json","purl":"pkg:deb/debian/suricata@1:6.0.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-32h7-m9mm-5yaq"},{"vulnerability":"VCID-5wp7-mrrm-bfav"},{"vulnerability":"VCID-6pk7-a1e5-tue1"},{"vulnerability":"VCID-76e2-93ej-5yeg"},{"vulnerability":"VCID-abr4-epyy-dqfp"},{"vulnerability":"VCID-amys-da3n-r7f4"},{"vulnerability":"VCID-b61j-jzmv-x3bj"},{"vulnerability":"VCID-chjk-tchh-kfck"},{"vulnerability":"VCID-ee7d-3mw6-9uca"},{"vulnerability":"VCID-ez39-tqb5-43gn"},{"vulnerability":"VCID-jvzd-4yuy-xbg2"},{"vulnerability":"VCID-k73c-4k81-hfb7"},{"vulnerability":"VCID-kfjv-uh1c-ckf2"},{"vulnerability":"VCID-mqaz-fh6g-kuhm"},{"vulnerability":"VCID-mu98-697y-jkde"},{"vulnerability":"VCID-np2s-r1ww-aubw"},{"vulnerability":"VCID-pfwk-5yzr-bbda"},{"vulnerability":"VCID-qbq6-7kz5-4ke6"},{"vulnerability":"VCID-r1a7-5st1-xbd1"},{"vulnerability":"VCID-rzy9-8yd5-w3cn"},{"vulnerability":"VCID-saj6-vrkq-e7h9"},{"vulnerability":"VCID-stvh-2q2x-4ffd"},{"vulnerability":"VCID-tf2g-8nbr-z3d8"},{"vulnerability":"VCID-tsyg-wngz-9fdt"},{"vulnerability":"VCID-vr4z-3xqz-v7ek"},{"vulnerability":"VCID-vr8u-frs8-4qcn"},{"vulnerability":"VCID-w2vg-8ef4-2ugq"},{"vulnerability":"VCID-wwwc-e7w5-q3aa"},{"vulnerability":"VCID-yaf8-9qwm-5ug3"},{"vulnerability":"VCID-z15c-9mdw-w7g8"},{"vulnerability":"VCID-z48f-d4p1-7qbe"},{"vulnerability":"VCID-z5qv-zqtk-63f1"},{"vulnerability":"VCID-zhyx-btu6-kket"},{"vulnerability":"VCID-zkjp-t5xv-kfht"},{"vulnerability":"VCID-zr1u-99gx-47ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/suricata@1:6.0.1-3%3Fdistro=trixie"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64331","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24715","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24913","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24924","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24908","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64331"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2417415","reference_id":"2417415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2417415"},{"reference_url":"https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2","reference_id":"GHSA-v32w-j79x-pfj2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-28T15:37:52Z/"}],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2"}],"weaknesses":[{"cwe_id":121,"name":"Stack-based Buffer Overflow","description":"A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)."}],"exploits":[],"severity_range_score":"7.5 - 7.5","exploitability":"0.5","weighted_severity":"6.8","risk_score":3.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsyg-wngz-9fdt"}