CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-59150

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018
https://github.com/OISF/suricata/commit/d590fdfe42e995fd558315f0c24f9a352e21479d
https://github.com/OISF/suricata/security/advisories/GHSA-mhv7-qfmj-m3f3
https://redmine.openinfosecfoundation.org/issues/7881

Products affected by CVE-2025-59150

Oisf » Suricata » Version: 8.0.0

cpe:2.3:a:oisf:suricata:8.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-59150

Products

Pricing

Contact Us