VYPR

Tarantool

by Tarantool

Source repositories

CVEs (3)

  • CVE-2016-9037HigDec 23, 2016
    risk 0.49cvss 7.5epss 0.04

    An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the…

  • CVE-2016-9036HigDec 23, 2016
    risk 0.49cvss 7.5epss 0.03

    An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside…

  • CVE-2025-6536LowJun 24, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The…