Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/116111?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "memcached", "version": "1.6.38-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.6.42-1", "latest_non_vulnerable_version": "1.6.42-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59958?format=api", "vulnerability_id": "VCID-6qez-zqnx-zbgk", "summary": "memcached: memcached: Username enumeration via timing side channel", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-47783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24804", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24815", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-47783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47783" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214", "reference_id": "1137214", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214" }, { "reference_url": "https://github.com/memcached/memcached/compare/1.6.41...1.6.42", "reference_id": "1.6.41...1.6.42", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/" } ], "url": "https://github.com/memcached/memcached/compare/1.6.41...1.6.42" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480089", "reference_id": "2480089", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480089" }, { "reference_url": "https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed", "reference_id": "d13f282b4bce33a9c33b8a1bbf07f12114160fed", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/" } ], "url": "https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed" }, { "reference_url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1642", "reference_id": "ReleaseNotes1642", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/" } ], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1642" }, { "reference_url": "https://usn.ubuntu.com/8320-1/", "reference_id": "USN-8320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8320-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-47783" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qez-zqnx-zbgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59956?format=api", "vulnerability_id": "VCID-n18q-v773-hkhx", "summary": "memcached: Memcached: Information disclosure via timing side channel", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-47784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24804", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24815", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-47784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214", "reference_id": "1137214", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214" }, { "reference_url": "https://github.com/memcached/memcached/compare/1.6.41...1.6.42", "reference_id": "1.6.41...1.6.42", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/" } ], "url": "https://github.com/memcached/memcached/compare/1.6.41...1.6.42" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480088", "reference_id": "2480088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480088" }, { "reference_url": "https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed", "reference_id": "d13f282b4bce33a9c33b8a1bbf07f12114160fed", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/" } ], "url": "https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed" }, { "reference_url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1642", "reference_id": "ReleaseNotes1642", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/" } ], "url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23261", "reference_id": "RHSA-2026:23261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23261" }, { "reference_url": "https://usn.ubuntu.com/8320-1/", "reference_id": "USN-8320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8320-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-47784" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n18q-v773-hkhx" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6098?format=api", "vulnerability_id": "VCID-43ss-8nbc-j7au", "summary": "insufficient validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86753", "scoring_system": "epss", "scoring_elements": "0.99442", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.86753", "scoring_system": "epss", "scoring_elements": "0.99443", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182", "reference_id": "1551182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182" }, { "reference_url": "https://security.archlinux.org/AVG-941", "reference_id": "AVG-941", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-941" }, { "reference_url": "https://github.com/649/Memcrashed-DDoS-Exploit/tree/3422efc009a43451281d165e8b9979189c405ff1", "reference_id": "CVE-2018-1000115", "reference_type": "exploit", "scores": [], "url": "https://github.com/649/Memcrashed-DDoS-Exploit/tree/3422efc009a43451281d165e8b9979189c405ff1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44264.c", "reference_id": "CVE-2018-1000115", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44264.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44265.py", "reference_id": "CVE-2018-1000115", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44265.py" }, { "reference_url": "https://pastebin.com/raw/ZiUeinae", "reference_id": "CVE-2018-1000115", "reference_type": "exploit", "scores": [], "url": "https://pastebin.com/raw/ZiUeinae" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2331", "reference_id": "RHSA-2018:2331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2857", "reference_id": "RHSA-2018:2857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2857" }, { "reference_url": "https://usn.ubuntu.com/3588-1/", "reference_id": "USN-3588-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3588-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116120?format=api", "purl": "pkg:deb/debian/memcached@1.5.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000115" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43ss-8nbc-j7au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4783?format=api", "vulnerability_id": "VCID-473t-pehe-4uam", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14336", "scoring_system": "epss", "scoring_elements": "0.94535", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14336", "scoring_system": "epss", "scoring_elements": "0.94543", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.14336", "scoring_system": "epss", "scoring_elements": "0.94545", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390510", "reference_id": "1390510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390510" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842811", "reference_id": "842811", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842811" }, { "reference_url": "https://security.archlinux.org/ASA-201611-1", "reference_id": "ASA-201611-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-1" }, { "reference_url": "https://security.archlinux.org/AVG-55", "reference_id": "AVG-55", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-55" }, { "reference_url": "https://security.gentoo.org/glsa/201701-12", "reference_id": "GLSA-201701-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2819", "reference_id": "RHSA-2016:2819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2820", "reference_id": "RHSA-2016:2820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0059", "reference_id": "RHSA-2017:0059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0059" }, { "reference_url": "https://usn.ubuntu.com/3120-1/", "reference_id": "USN-3120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116118?format=api", "purl": "pkg:deb/debian/memcached@1.4.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8704" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-473t-pehe-4uam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93116?format=api", "vulnerability_id": "VCID-4auv-4ek2-zqem", "summary": "memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01002", "scoring_system": "epss", "scoring_elements": "0.77361", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01002", "scoring_system": "epss", "scoring_elements": "0.77389", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01002", "scoring_system": "epss", "scoring_elements": "0.77399", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555064", "reference_id": "1555064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555064" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404", "reference_id": "894404", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2290", "reference_id": "RHSA-2018:2290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2290" }, { "reference_url": "https://usn.ubuntu.com/3601-1/", "reference_id": "USN-3601-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3601-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116119?format=api", "purl": "pkg:deb/debian/memcached@1.5.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000127" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4auv-4ek2-zqem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93118?format=api", "vulnerability_id": "VCID-5qbx-k2hw-n7br", "summary": "memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00927", "scoring_system": "epss", "scoring_elements": "0.76449", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00927", "scoring_system": "epss", "scoring_elements": "0.76478", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00927", "scoring_system": "epss", "scoring_elements": "0.76485", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753862", "reference_id": "1753862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753862" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939337", "reference_id": "939337", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939337" }, { "reference_url": "https://usn.ubuntu.com/4125-1/", "reference_id": "USN-4125-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4125-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116122?format=api", "purl": "pkg:deb/debian/memcached@1.5.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-15026" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qbx-k2hw-n7br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93120?format=api", "vulnerability_id": "VCID-698k-eynt-4uds", "summary": "Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-22570.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-22570.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22570", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02068", "scoring_system": "epss", "scoring_elements": "0.8425", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02068", "scoring_system": "epss", "scoring_elements": "0.84273", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02068", "scoring_system": "epss", "scoring_elements": "0.84276", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-22570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22570" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234997", "reference_id": "2234997", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234997" }, { "reference_url": "https://github.com/memcached/memcached/issues/636", "reference_id": "636", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T18:05:22Z/" } ], "url": "https://github.com/memcached/memcached/issues/636" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116124?format=api", "purl": "pkg:deb/debian/memcached@1.6.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-22570" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-698k-eynt-4uds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93119?format=api", "vulnerability_id": "VCID-7c4g-kzsn-dyap", "summary": "Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15431", "scoring_system": "epss", "scoring_elements": "0.9478", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.15431", "scoring_system": "epss", "scoring_elements": "0.94789", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.15431", "scoring_system": "epss", "scoring_elements": "0.9479", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816630", "reference_id": "1816630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816630" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954808", "reference_id": "954808", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954808" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116123?format=api", "purl": "pkg:deb/debian/memcached@1.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-10931" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7c4g-kzsn-dyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93106?format=api", "vulnerability_id": "VCID-7t5g-q92j-zycy", "summary": "The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1255.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02078", "scoring_system": "epss", "scoring_elements": "0.84287", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02078", "scoring_system": "epss", "scoring_elements": "0.84311", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02078", "scoring_system": "epss", "scoring_elements": "0.84313", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=498271", "reference_id": "498271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=498271" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116108?format=api", "purl": "pkg:deb/debian/memcached@1.2.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.2.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1255" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7t5g-q92j-zycy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93113?format=api", "vulnerability_id": "VCID-cm45-8gft-jqhd", "summary": "The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7290.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7290.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43056", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43129", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43138", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052863", "reference_id": "1052863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052863" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116116?format=api", "purl": "pkg:deb/debian/memcached@1.4.13-0.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-7290" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cm45-8gft-jqhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93122?format=api", "vulnerability_id": "VCID-cpe7-qj2p-jfbk", "summary": "memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48571.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48571.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48571", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18909", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18984", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48571" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48571", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48571" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235661", "reference_id": "2235661", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235661" }, { "reference_url": "https://usn.ubuntu.com/6382-1/", "reference_id": "USN-6382-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6382-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116126?format=api", "purl": "pkg:deb/debian/memcached@1.6.8%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-48571" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cpe7-qj2p-jfbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93108?format=api", "vulnerability_id": "VCID-d17x-z4pz-8bgq", "summary": "Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2415.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12077", "scoring_system": "epss", "scoring_elements": "0.93923", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.12077", "scoring_system": "epss", "scoring_elements": "0.93932", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.12077", "scoring_system": "epss", "scoring_elements": "0.93931", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=516489", "reference_id": "516489", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516489" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540379", "reference_id": "540379", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540379" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116112?format=api", "purl": "pkg:deb/debian/memcached@1.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2415" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d17x-z4pz-8bgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4782?format=api", "vulnerability_id": "VCID-dzaf-56cq-uka2", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12618", "scoring_system": "epss", "scoring_elements": "0.94101", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.12618", "scoring_system": "epss", "scoring_elements": "0.94093", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.12618", "scoring_system": "epss", "scoring_elements": "0.941", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390511", "reference_id": "1390511", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390511" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842812", "reference_id": "842812", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842812" }, { "reference_url": "https://security.archlinux.org/ASA-201611-1", "reference_id": "ASA-201611-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-1" }, { "reference_url": "https://security.archlinux.org/AVG-55", "reference_id": "AVG-55", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-55" }, { "reference_url": "https://security.gentoo.org/glsa/201701-12", "reference_id": "GLSA-201701-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2819", "reference_id": "RHSA-2016:2819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2820", "reference_id": "RHSA-2016:2820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0059", "reference_id": "RHSA-2017:0059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0059" }, { "reference_url": "https://usn.ubuntu.com/3120-1/", "reference_id": "USN-3120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116118?format=api", "purl": "pkg:deb/debian/memcached@1.4.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8705" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzaf-56cq-uka2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93112?format=api", "vulnerability_id": "VCID-hsuj-2gvt-9bc1", "summary": "memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7239.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7239.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.5351", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.5357", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53578", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7239" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1047299", "reference_id": "1047299", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1047299" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733643", "reference_id": "733643", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733643" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" }, { "reference_url": "https://usn.ubuntu.com/2080-1/", "reference_id": "USN-2080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2080-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116115?format=api", "purl": "pkg:deb/debian/memcached@1.4.13-0.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-7239" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsuj-2gvt-9bc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93117?format=api", "vulnerability_id": "VCID-khju-ysa6-qugz", "summary": "In memcached before 1.5.14, a NULL pointer dereference was found in the \"lru mode\" and \"lru temp_ttl\" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11596.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11596.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01552", "scoring_system": "epss", "scoring_elements": "0.81757", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01552", "scoring_system": "epss", "scoring_elements": "0.81792", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11596" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11596", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11596" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706001", "reference_id": "1706001", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706001" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928205", "reference_id": "928205", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1576", "reference_id": "RHSA-2020:1576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5583", "reference_id": "RHSA-2020:5583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5583" }, { "reference_url": "https://usn.ubuntu.com/3963-1/", "reference_id": "USN-3963-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3963-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116121?format=api", "purl": "pkg:deb/debian/memcached@1.5.6-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.6-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11596" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khju-ysa6-qugz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93115?format=api", "vulnerability_id": "VCID-m5cq-v7pd-cudx", "summary": "The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01674", "scoring_system": "epss", "scoring_elements": "0.82481", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01674", "scoring_system": "epss", "scoring_elements": "0.8251", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01674", "scoring_system": "epss", "scoring_elements": "0.82509", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471970", "reference_id": "1471970", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471970" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868701", "reference_id": "868701", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868701" }, { "reference_url": "https://usn.ubuntu.com/3588-1/", "reference_id": "USN-3588-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3588-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116119?format=api", "purl": "pkg:deb/debian/memcached@1.5.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9951" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m5cq-v7pd-cudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92098?format=api", "vulnerability_id": "VCID-n5nc-37hj-c3ca", "summary": "memcached: off-by-one error when processing proxy requests in proxy mode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35661", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35673", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/memcached/memcached/compare/1.6.21...1.6.22", "reference_id": "1.6.21...1.6.22", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-09T15:29:52Z/" } ], "url": "https://github.com/memcached/memcached/compare/1.6.21...1.6.22" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246951", "reference_id": "2246951", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246951" }, { "reference_url": "https://github.com/memcached/memcached/commit/6987918e9a3094ec4fc8976f01f769f624d790fa", "reference_id": "6987918e9a3094ec4fc8976f01f769f624d790fa", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-09T15:29:52Z/" } ], "url": "https://github.com/memcached/memcached/commit/6987918e9a3094ec4fc8976f01f769f624d790fa" }, { "reference_url": "https://usn.ubuntu.com/6476-1/", "reference_id": "USN-6476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6476-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116127?format=api", "purl": "pkg:deb/debian/memcached@1.6.22-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.22-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-46853" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5nc-37hj-c3ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93107?format=api", "vulnerability_id": "VCID-pxmk-h7me-mbdy", "summary": "The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67072", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67113", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67121", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1494" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=498271", "reference_id": "498271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=498271" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526554", "reference_id": "526554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526554" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116108?format=api", "purl": "pkg:deb/debian/memcached@1.2.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.2.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1494" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxmk-h7me-mbdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92097?format=api", "vulnerability_id": "VCID-s9uj-hzs8-sqgx", "summary": "memcached: buffer overflow when processing multiget requests in proxy mode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27202", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27148", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46852" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/memcached/memcached/compare/1.6.21...1.6.22", "reference_id": "1.6.21...1.6.22", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:34:10Z/" } ], "url": "https://github.com/memcached/memcached/compare/1.6.21...1.6.22" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246948", "reference_id": "2246948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246948" }, { "reference_url": "https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767", "reference_id": "76a6c363c18cfe7b6a1524ae64202ac9db330767", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:34:10Z/" } ], "url": "https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767" }, { "reference_url": "https://usn.ubuntu.com/6476-1/", "reference_id": "USN-6476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6476-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116127?format=api", "purl": "pkg:deb/debian/memcached@1.6.22-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.22-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-46852" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9uj-hzs8-sqgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93121?format=api", "vulnerability_id": "VCID-tvsg-fq3c-7ub6", "summary": "Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25638", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2573", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25739", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37519" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167008", "reference_id": "2167008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167008" }, { "reference_url": "https://github.com/memcached/memcached/pull/806/commits/264722ae4e248b453be00e97197dadc685b60fd0", "reference_id": "264722ae4e248b453be00e97197dadc685b60fd0", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:16:10Z/" } ], "url": "https://github.com/memcached/memcached/pull/806/commits/264722ae4e248b453be00e97197dadc685b60fd0" }, { "reference_url": "https://github.com/memcached/memcached/issues/805", "reference_id": "805", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:16:10Z/" } ], "url": "https://github.com/memcached/memcached/issues/805" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116125?format=api", "purl": "pkg:deb/debian/memcached@1.6.10%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.10%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-37519" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvsg-fq3c-7ub6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93114?format=api", "vulnerability_id": "VCID-v9vn-ckw2-bucw", "summary": "memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an \"unbounded key print\" during logging, related to an issue that was \"quickly grepped out of the source tree,\" a different vulnerability than CVE-2013-0179 and CVE-2013-7290.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7291.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43056", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43129", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43138", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052864", "reference_id": "1052864", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052864" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735314", "reference_id": "735314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735314" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116117?format=api", "purl": "pkg:deb/debian/memcached@1.4.20-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.20-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-7291" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9vn-ckw2-bucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93111?format=api", "vulnerability_id": "VCID-xsfx-vjd9-puae", "summary": "The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0179.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01337", "scoring_system": "epss", "scoring_elements": "0.80328", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01337", "scoring_system": "epss", "scoring_elements": "0.80353", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01337", "scoring_system": "epss", "scoring_elements": "0.80356", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231", "reference_id": "698231", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=895054", "reference_id": "895054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=895054" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" }, { "reference_url": "https://usn.ubuntu.com/2080-1/", "reference_id": "USN-2080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2080-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116116?format=api", "purl": "pkg:deb/debian/memcached@1.4.13-0.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0179" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsfx-vjd9-puae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93109?format=api", "vulnerability_id": "VCID-xzzd-ewr8-t3dr", "summary": "memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1152.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1152.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22721", "scoring_system": "epss", "scoring_elements": "0.95971", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.22721", "scoring_system": "epss", "scoring_elements": "0.95975", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.22721", "scoring_system": "epss", "scoring_elements": "0.95978", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1152" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579913", "reference_id": "579913", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579913" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=581113", "reference_id": "581113", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=581113" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33850.txt", "reference_id": "CVE-2010-1152;OSVDB-63600", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33850.txt" }, { "reference_url": "https://www.securityfocus.com/bid/39577/info", "reference_id": "CVE-2010-1152;OSVDB-63600", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/39577/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116113?format=api", "purl": "pkg:deb/debian/memcached@1.4.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1152" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzzd-ewr8-t3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93110?format=api", "vulnerability_id": "VCID-yqd7-9a4n-pbgb", "summary": "Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4971.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.46068", "scoring_system": "epss", "scoring_elements": "0.977", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.46068", "scoring_system": "epss", "scoring_elements": "0.97704", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.46068", "scoring_system": "epss", "scoring_elements": "0.97705", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706426", "reference_id": "706426", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706426" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=957964", "reference_id": "957964", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957964" }, { "reference_url": "https://security.gentoo.org/glsa/201406-13", "reference_id": "GLSA-201406-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-13" }, { "reference_url": "https://usn.ubuntu.com/2080-1/", "reference_id": "USN-2080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2080-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116115?format=api", "purl": "pkg:deb/debian/memcached@1.4.13-0.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4971" ], "risk_score": 1.8, "exploitability": "2.0", "weighted_severity": "0.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yqd7-9a4n-pbgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4781?format=api", "vulnerability_id": "VCID-zdtr-q584-d3h4", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8706.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8706.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60255", "scoring_system": "epss", "scoring_elements": "0.98307", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.60255", "scoring_system": "epss", "scoring_elements": "0.98309", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.60255", "scoring_system": "epss", "scoring_elements": "0.9831", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390512", "reference_id": "1390512", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390512" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842814", "reference_id": "842814", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842814" }, { "reference_url": "https://security.archlinux.org/ASA-201611-1", "reference_id": "ASA-201611-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-1" }, { "reference_url": "https://security.archlinux.org/AVG-55", "reference_id": "AVG-55", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-55" }, { "reference_url": "https://security.gentoo.org/glsa/201701-12", "reference_id": "GLSA-201701-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2819", "reference_id": "RHSA-2016:2819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2819" }, { "reference_url": "https://usn.ubuntu.com/3120-1/", "reference_id": "USN-3120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/116118?format=api", "purl": "pkg:deb/debian/memcached@1.4.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116109?format=api", "purl": "pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" }, { "vulnerability": "VCID-tvsg-fq3c-7ub6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116107?format=api", "purl": "pkg:deb/debian/memcached@1.6.18-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" }, { "vulnerability": "VCID-n5nc-37hj-c3ca" }, { "vulnerability": "VCID-s9uj-hzs8-sqgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116111?format=api", "purl": "pkg:deb/debian/memcached@1.6.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6qez-zqnx-zbgk" }, { "vulnerability": "VCID-n18q-v773-hkhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/116110?format=api", "purl": "pkg:deb/debian/memcached@1.6.42-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-8706" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdtr-q584-d3h4" } ], "risk_score": "3.6", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie" }