Vulnerability Database

309,587

Total vulnerabilities in the database

CVE-2025-64334

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2. A workaround involves disabling LZMA decompression or limiting response-body-limit size.

Published: Nov 26, 2025
Updated: Nov 28, 2025
CVE: CVE-2025-64334
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-770

Affected Software
References

No affected software listed.

https://github.com/OISF/suricata/commit/00f04daa3a44928dfdd0003cb9735469272c94a1
https://github.com/OISF/suricata/security/advisories/GHSA-r5jf-v2gx-gx8w

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo