CVE-2025-64334

high

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2. A workaround involves disabling LZMA decompression or limiting response-body-limit size.

References

https://github.com/OISF/suricata/security/advisories/GHSA-r5jf-v2gx-gx8w

https://github.com/OISF/suricata/commit/00f04daa3a44928dfdd0003cb9735469272c94a1

Details

Source: Mitre, NVD

Published: 2025-11-26

Updated: 2025-11-28

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.0004