Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46852

In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring.

Published

2023-10-27T20:15:09.133

Last Modified

2024-11-21T08:29:25.717

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	memcached	memcached	< 1.6.22	Yes

References

https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767 Patch ([email protected])
https://github.com/memcached/memcached/compare/1.6.21...1.6.22 Release Notes ([email protected])
https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/memcached/memcached/compare/1.6.21...1.6.22 Release Notes (af854a3a-2127-422b-91ae-364da2661108)