Unrated severityNVD Advisory· Published Jan 13, 2014· Updated Jun 17, 2026
CVE-2013-7290
CVE-2013-7290
Description
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:memcached:memcached:1.4.10:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:memcached:memcached:1.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.15:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.16:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:memcached:memcached:1.4.9:*:*:*:*:*:*:*
- (no CPE)range: <1.4.17
- osv-coords4 versionspkg:rpm/opensuse/memcached&distro=openSUSE%20Tumbleweedpkg:rpm/suse/memcached&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/memcached&distro=SUSE%20OpenStack%20Cloud%206pkg:rpm/suse/memcached&distro=SUSE%20OpenStack%20Cloud%207
< 1.4.33-1.1+ 3 more
- (no CPE)range: < 1.4.33-1.1
- (no CPE)range: < 1.4.39-3.3.2
- (no CPE)range: < 1.4.39-3.3.1
- (no CPE)range: < 1.4.39-3.3.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.