rpm package
suse/memcached&distro=SUSE Linux Enterprise Server 16.0
pkg:rpm/suse/memcached&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-47784 | Hig | 8.1 | < 1.6.38-160000.3.1 | 1.6.38-160000.3.1 | May 20, 2026 | In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass. | |
| CVE-2026-47783 | Hig | 8.1 | < 1.6.38-160000.3.1 | 1.6.38-160000.3.1 | May 20, 2026 | In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass. |
- affected < 1.6.38-160000.3.1fixed 1.6.38-160000.3.1
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
- affected < 1.6.38-160000.3.1fixed 1.6.38-160000.3.1
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.