Information on source package memcached

Available versions

ReleaseVersion
buster1.5.6-1.1
buster (security)1.5.6-1.1+deb10u1
bullseye1.6.9+dfsg-1
bookworm1.6.18-1
trixie1.6.23-1
sid1.6.24-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-46853fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedIn Memcached before 1.6.22, an off-by-one error exists when processing ...
CVE-2023-46852fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedIn Memcached before 1.6.22, a buffer overflow exists when processing m ...
CVE-2021-37519fixedvulnerable (no DSA)fixedfixedfixedBuffer Overflow vulnerability in authfile.c memcached 1.6.9 allows att ...
CVE-2019-15026vulnerable (no DSA)fixedfixedfixedfixedmemcached 1.5.16, when UNIX sockets are used, has a stack-based buffer ...

Resolved issues

BugDescription
CVE-2022-48571memcached 1.6.7 allows a Denial of Service via multi-packet uploads in ...
CVE-2020-22570Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial ...
CVE-2020-10931Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial ...
CVE-2019-11596In memcached before 1.5.14, a NULL pointer dereference was found in th ...
CVE-2018-1000127memcached version prior to 1.4.37 contains an Integer Overflow vulnera ...
CVE-2018-1000115Memcached version 1.5.5 contains an Insufficient Control of Network Me ...
CVE-2017-9951The try_read_command function in memcached.c in memcached before 1.4.3 ...
CVE-2016-8706An integer overflow in process_bin_sasl_auth function in Memcached, wh ...
CVE-2016-8705Multiple integer overflows in process_bin_update function in Memcached ...
CVE-2016-8704An integer overflow in the process_bin_append_prepend function in Memc ...
CVE-2013-7291memcached before 1.4.17, when running in verbose mode, allows remote a ...
CVE-2013-7290The do_item_get function in items.c in memcached 1.4.4 and other versi ...
CVE-2013-7239memcached before 1.4.17 allows remote attackers to bypass authenticati ...
CVE-2013-0179The process_bin_delete function in memcached.c in memcached 1.4.4 and ...
CVE-2011-4971Multiple integer signedness errors in the (1) process_bin_sasl_auth, ( ...
CVE-2010-1152memcached.c in memcached before 1.4.3 allows remote attackers to cause ...
CVE-2009-2415Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote ...
CVE-2009-1494The process_stat function in Memcached 1.2.8 discloses memory-allocati ...
CVE-2009-1255The process_stat function in (1) Memcached before 1.2.8 and (2) Memcac ...

Security announcements

DSA / DLADescription
DLA-3557-1memcached - security update
DLA-1913-1memcached - security update
DSA-4218-1memcached - security update
DLA-1329-1memcached - security update
DLA-1033-1memcached - security update
DLA-701-1memcached - security update
DSA-3704-1memcached - security update
DSA-2832-1memcached - several
DSA-1853-1memcached - arbitrary code execution

Search for package or bug name: Reporting problems