Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/memcached@1.4.39-2?arch=el7ost

Type rpm

Namespace redhat

Name memcached

Version 1.4.39-2

Qualifiers

arch	el7ost

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-4auv-4ek2-zqem

vulnerability_id

VCID-4auv-4ek2-zqem

summary

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000127

reference_id

reference_type

scores

value	0.01002
scoring_system	epss
scoring_elements	0.77361
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000127

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1555064
reference_id	1555064
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1555064

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404
reference_id	894404
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404

reference_url	https://access.redhat.com/errata/RHSA-2018:2290
reference_id	RHSA-2018:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2290

fixed_packages

aliases

CVE-2018-1000127

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4auv-4ek2-zqem

Fixing_vulnerabilities

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/memcached@1.4.39-2%3Farch=el7ost

Package Instance