CVE-2016-8704
CRITICAL9.8EPSS 14.3%memcached - security update
Published: 1/6/2017Modified: 11/19/2025
Also known as:ALPINE-CVE-2016-8704DEBIAN-CVE-2016-8704
Description
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Affected packages (3)
- Alpine/memcachedfrom 0, < 1.4.33-r0
- Debian/memcachedfrom 0, < 1.4.33-1
- Debian/memcachedfrom 0, < 1.4.21-1.1+deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |