VYPR

rpm package

suse/memcached&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3

pkg:rpm/suse/memcached&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Vulnerabilities (2)

  • CVE-2018-1000115HigMar 5, 2018
    affected < 1.4.39-4.6.1fixed 1.4.39-4.6.1

    Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported

  • CVE-2017-9951HigJul 17, 2017
    affected < 1.4.39-4.3.1fixed 1.4.39-4.3.1

    The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. N