PT-2025-48199 · Open Information Security Foundation+2 · Suricata+2
Published 2025-11-05 · Updated 2026-01-22
CVE-2025-64334
CVSS v2.0: 7.8 High
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Suricata versions 8.0.0 through 8.0.1
Description
Suricata is a network IDS, IPS and NSM engine. Versions from 8.0.0 through 8.0.1 are susceptible to unbounded memory growth during decompression of compressed HTTP data. Disabling LZMA decompression or limiting the response-body-limit size can serve as a workaround.
Recommendations
Update to version 8.0.2 or later.
Disable LZMA decompression.
Limit the response-body-limit size.
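The two workarounds map to settings in the HTTP parser section of suricata.yaml. The fragment below is an added illustration, not taken from the advisory or from the Suricata project; the 100kb value is a constructed sample, so pick a limit that fits your deployment.

```yaml
app-layer:
  protocols:
    http:
      enabled: yes
      libhtp:
        default-config:
          # Workaround 1: turn off LZMA decompression of HTTP bodies.
          lzma-enabled: false
          # Workaround 2: cap how much of each response body is inspected.
          # 100kb is a sample value (constructed); 0 means unlimited.
          response-body-limit: 100kb
```

Validate the edited file with `suricata -T -c <path to suricata.yaml>` before restarting the engine. These settings only reduce exposure; the fix itself is in version 8.0.2.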
Exploit
Fix
Allocation of Resources Without Limits
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Suricata