pkg:Debian/memcached
34 total CVEsCRITICAL4HIGH17MEDIUM1
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2023-46853In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.from 0
- CRITICAL9.8CVE-2016-8705Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached…from 0, < 1.4.33-1
- from 0, < 1.4.33-1
- from 0, < 1.4.21-1.1+deb8u1
- HIGH8.1CVE-2026-47784In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sas…from 0, < 1.6.9+dfsg-1+deb11u1
- HIGH8.1CVE-2026-47783In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon…from 0, < 1.6.9+dfsg-1+deb11u1
- HIGH8.1CVE-2016-8706An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary pr…from 0, < 1.4.33-1
- HIGH7.5CVE-2023-46852In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "g…from 0
- from 0, < 1.5.6-1.1+deb10u1
- from 0, < 1.6.8+dfsg-1
- HIGH7.5CVE-2020-22570Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.from 0, < 1.6.3-1
- HIGH7.5CVE-2020-10931Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to tr…from 0, < 1.6.2-1
- from 0, < 1.5.17-1
- from 0, < 1.4.21-1.1+deb8u3
- HIGH7.5CVE-2019-11596In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands.from 0, < 1.5.6-1.1
- from 0, < 1.5.0-1
- from 0, < 1.4.13-0.2+deb7u4
- HIGH7.5CVE-2018-1000115Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UD…from 0, < 1.5.6-1
- from 0, < 1.4.21-1.1+deb8u2
- from 0, < 1.5.0-1
- from 0, < 1.4.13-0.2+deb7u3
- MEDIUM5.5CVE-2021-37519Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file.from 0
- from 0, < 1.4.20-1
- from 0, < 1.4.13-0.2+deb7u2
- —CVE-2013-7290The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attack…from 0, < 1.4.13-0.2
- —CVE-2013-7239memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending…from 0, < 1.4.13-0.3
- —CVE-2013-0179The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows re…from 0, < 1.4.13-0.2
- from 0, < 1.4.13-0.3
- from 0, < 1.4.5-1+deb6u1
- —CVE-2010-1152memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that trig…from 0, < 1.4.5-1
- from 0, < 1.1.12-1+etch1
- from 0, < 1.4.1-1
- —CVE-2009-1494The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows rem…from 0, < 1.2.8-1
- —CVE-2009-1255The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response…from 0, < 1.2.8-1