Search CVE reports
1 – 10 of 26 results
CVE-2023-46853
Medium priorityIn Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2023-46852
Medium priorityIn Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2022-48571
Medium prioritymemcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-22570
Medium priorityMemcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-45985
Medium priorityIn Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.
9 affected packages
darktable, lua5.1, lua5.2, lua5.3, lua5.4...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| lua5.1 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lua5.2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lua5.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lua5.4 | Not affected | Not affected | Not in release | Not in release | Not in release |
| lua50 | Not in release | Not in release | Not affected | Not affected | Not affected |
| memcached | Not affected | Not affected | Not affected | Not affected | Not affected |
| tup | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-27478
Medium prioritylibmemcached-awesome is an open source C/C++ client library and tools for the memcached server. `libmemcached` could return data for a previously requested key, if that previous request timed out due to a low `POLL_TIMEOUT`. This...
1 affected packages
libmemcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmemcached | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-37519
Low priorityBuffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | Not affected | Not affected | Vulnerable | Not affected | Not affected |
CVE-2022-26635
Medium priority** DISPUTED ** PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly.
1 affected packages
php-memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| php-memcached | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-10931
Medium priorityMemcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | — | — | — | Not affected | Not affected |
CVE-2019-15026
Medium prioritymemcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
1 affected packages
memcached
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| memcached | — | — | — | Fixed | Fixed |