{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","type":"deb","namespace":"debian","name":"memcached","version":"1.6.38-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.6.42-1","latest_non_vulnerable_version":"1.6.42-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59958?format=json","vulnerability_id":"VCID-6qez-zqnx-zbgk","summary":"memcached: memcached: Username enumeration via timing side channel","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47783.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-47783","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24745","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24815","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24804","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-47783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214","reference_id":"1137214","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214"},{"reference_url":"https://github.com/memcached/memcached/compare/1.6.41...1.6.42","reference_id":"1.6.41...1.6.42","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/"}],"url":"https://github.com/memcached/memcached/compare/1.6.41...1.6.42"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480089","reference_id":"2480089","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480089"},{"reference_url":"https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed","reference_id":"d13f282b4bce33a9c33b8a1bbf07f12114160fed","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/"}],"url":"https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed"},{"reference_url":"https://github.com/memcached/memcached/wiki/ReleaseNotes1642","reference_id":"ReleaseNotes1642","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:49:50Z/"}],"url":"https://github.com/memcached/memcached/wiki/ReleaseNotes1642"},{"reference_url":"https://usn.ubuntu.com/8320-1/","reference_id":"USN-8320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8320-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2026-47783"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qez-zqnx-zbgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59956?format=json","vulnerability_id":"VCID-n18q-v773-hkhx","summary":"memcached: Memcached: Information disclosure via timing side channel","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47784.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-47784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-47784","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24745","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24815","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24804","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-47784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214","reference_id":"1137214","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137214"},{"reference_url":"https://github.com/memcached/memcached/compare/1.6.41...1.6.42","reference_id":"1.6.41...1.6.42","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/"}],"url":"https://github.com/memcached/memcached/compare/1.6.41...1.6.42"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480088","reference_id":"2480088","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480088"},{"reference_url":"https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed","reference_id":"d13f282b4bce33a9c33b8a1bbf07f12114160fed","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/"}],"url":"https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed"},{"reference_url":"https://github.com/memcached/memcached/wiki/ReleaseNotes1642","reference_id":"ReleaseNotes1642","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:20:56Z/"}],"url":"https://github.com/memcached/memcached/wiki/ReleaseNotes1642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23261","reference_id":"RHSA-2026:23261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23261"},{"reference_url":"https://usn.ubuntu.com/8320-1/","reference_id":"USN-8320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8320-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2026-47784"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n18q-v773-hkhx"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6098?format=json","vulnerability_id":"VCID-43ss-8nbc-j7au","summary":"insufficient validation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000115.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000115","reference_id":"","reference_type":"","scores":[{"value":"0.86753","scoring_system":"epss","scoring_elements":"0.99442","published_at":"2026-06-04T12:55:00Z"},{"value":"0.86753","scoring_system":"epss","scoring_elements":"0.99443","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551182","reference_id":"1551182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551182"},{"reference_url":"https://security.archlinux.org/AVG-941","reference_id":"AVG-941","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-941"},{"reference_url":"https://github.com/649/Memcrashed-DDoS-Exploit/tree/3422efc009a43451281d165e8b9979189c405ff1","reference_id":"CVE-2018-1000115","reference_type":"exploit","scores":[],"url":"https://github.com/649/Memcrashed-DDoS-Exploit/tree/3422efc009a43451281d165e8b9979189c405ff1"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44264.c","reference_id":"CVE-2018-1000115","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44264.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44265.py","reference_id":"CVE-2018-1000115","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44265.py"},{"reference_url":"https://pastebin.com/raw/ZiUeinae","reference_id":"CVE-2018-1000115","reference_type":"exploit","scores":[],"url":"https://pastebin.com/raw/ZiUeinae"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2331","reference_id":"RHSA-2018:2331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2857","reference_id":"RHSA-2018:2857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2857"},{"reference_url":"https://usn.ubuntu.com/3588-1/","reference_id":"USN-3588-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3588-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116120?format=json","purl":"pkg:deb/debian/memcached@1.5.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1000115"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43ss-8nbc-j7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4783?format=json","vulnerability_id":"VCID-473t-pehe-4uam","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8704.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8704","reference_id":"","reference_type":"","scores":[{"value":"0.14266","scoring_system":"epss","scoring_elements":"0.94537","published_at":"2026-06-07T12:55:00Z"},{"value":"0.14336","scoring_system":"epss","scoring_elements":"0.94545","published_at":"2026-06-06T12:55:00Z"},{"value":"0.14336","scoring_system":"epss","scoring_elements":"0.94535","published_at":"2026-06-04T12:55:00Z"},{"value":"0.14336","scoring_system":"epss","scoring_elements":"0.94543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390510","reference_id":"1390510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390510"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842811","reference_id":"842811","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842811"},{"reference_url":"https://security.archlinux.org/ASA-201611-1","reference_id":"ASA-201611-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-1"},{"reference_url":"https://security.archlinux.org/AVG-55","reference_id":"AVG-55","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-55"},{"reference_url":"https://security.gentoo.org/glsa/201701-12","reference_id":"GLSA-201701-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2819","reference_id":"RHSA-2016:2819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2820","reference_id":"RHSA-2016:2820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0059","reference_id":"RHSA-2017:0059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0059"},{"reference_url":"https://usn.ubuntu.com/3120-1/","reference_id":"USN-3120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116118?format=json","purl":"pkg:deb/debian/memcached@1.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8704"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-473t-pehe-4uam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93116?format=json","vulnerability_id":"VCID-4auv-4ek2-zqem","summary":"memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000127","reference_id":"","reference_type":"","scores":[{"value":"0.01002","scoring_system":"epss","scoring_elements":"0.77361","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01002","scoring_system":"epss","scoring_elements":"0.77389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01002","scoring_system":"epss","scoring_elements":"0.77399","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555064","reference_id":"1555064","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555064"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404","reference_id":"894404","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2290","reference_id":"RHSA-2018:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2290"},{"reference_url":"https://usn.ubuntu.com/3601-1/","reference_id":"USN-3601-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3601-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116119?format=json","purl":"pkg:deb/debian/memcached@1.5.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1000127"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4auv-4ek2-zqem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93118?format=json","vulnerability_id":"VCID-5qbx-k2hw-n7br","summary":"memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15026.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15026.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15026","reference_id":"","reference_type":"","scores":[{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76449","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76478","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76485","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00927","scoring_system":"epss","scoring_elements":"0.76474","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15026"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1753862","reference_id":"1753862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1753862"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939337","reference_id":"939337","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939337"},{"reference_url":"https://usn.ubuntu.com/4125-1/","reference_id":"USN-4125-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4125-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116122?format=json","purl":"pkg:deb/debian/memcached@1.5.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15026"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qbx-k2hw-n7br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93120?format=json","vulnerability_id":"VCID-698k-eynt-4uds","summary":"Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-22570.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-22570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22570","reference_id":"","reference_type":"","scores":[{"value":"0.02068","scoring_system":"epss","scoring_elements":"0.8425","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02068","scoring_system":"epss","scoring_elements":"0.84273","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02068","scoring_system":"epss","scoring_elements":"0.84276","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02068","scoring_system":"epss","scoring_elements":"0.8427","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-22570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22570"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234997","reference_id":"2234997","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234997"},{"reference_url":"https://github.com/memcached/memcached/issues/636","reference_id":"636","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T18:05:22Z/"}],"url":"https://github.com/memcached/memcached/issues/636"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116124?format=json","purl":"pkg:deb/debian/memcached@1.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2020-22570"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-698k-eynt-4uds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93119?format=json","vulnerability_id":"VCID-7c4g-kzsn-dyap","summary":"Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10931.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10931","reference_id":"","reference_type":"","scores":[{"value":"0.15431","scoring_system":"epss","scoring_elements":"0.9478","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15431","scoring_system":"epss","scoring_elements":"0.94789","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15431","scoring_system":"epss","scoring_elements":"0.9479","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15431","scoring_system":"epss","scoring_elements":"0.94792","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10931"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1816630","reference_id":"1816630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1816630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954808","reference_id":"954808","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954808"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116123?format=json","purl":"pkg:deb/debian/memcached@1.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10931"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7c4g-kzsn-dyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93106?format=json","vulnerability_id":"VCID-7t5g-q92j-zycy","summary":"The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1255.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1255","reference_id":"","reference_type":"","scores":[{"value":"0.02078","scoring_system":"epss","scoring_elements":"0.84287","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02078","scoring_system":"epss","scoring_elements":"0.84311","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02078","scoring_system":"epss","scoring_elements":"0.84313","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02078","scoring_system":"epss","scoring_elements":"0.84307","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=498271","reference_id":"498271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=498271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116108?format=json","purl":"pkg:deb/debian/memcached@1.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1255"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7t5g-q92j-zycy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93113?format=json","vulnerability_id":"VCID-cm45-8gft-jqhd","summary":"The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7290.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7290","reference_id":"","reference_type":"","scores":[{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43056","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43129","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43138","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43116","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1052863","reference_id":"1052863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1052863"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116116?format=json","purl":"pkg:deb/debian/memcached@1.4.13-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2013-7290"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm45-8gft-jqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93122?format=json","vulnerability_id":"VCID-cpe7-qj2p-jfbk","summary":"memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48571.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48571.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48571","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18909","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18984","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18943","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48571"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235661","reference_id":"2235661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235661"},{"reference_url":"https://usn.ubuntu.com/6382-1/","reference_id":"USN-6382-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6382-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116126?format=json","purl":"pkg:deb/debian/memcached@1.6.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2022-48571"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cpe7-qj2p-jfbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93108?format=json","vulnerability_id":"VCID-d17x-z4pz-8bgq","summary":"Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2415.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2415.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2415","reference_id":"","reference_type":"","scores":[{"value":"0.12077","scoring_system":"epss","scoring_elements":"0.93923","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12077","scoring_system":"epss","scoring_elements":"0.93932","published_at":"2026-06-07T12:55:00Z"},{"value":"0.12077","scoring_system":"epss","scoring_elements":"0.93931","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2415"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=516489","reference_id":"516489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=516489"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540379","reference_id":"540379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540379"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116112?format=json","purl":"pkg:deb/debian/memcached@1.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2415"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d17x-z4pz-8bgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4782?format=json","vulnerability_id":"VCID-dzaf-56cq-uka2","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8705.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8705","reference_id":"","reference_type":"","scores":[{"value":"0.08475","scoring_system":"epss","scoring_elements":"0.92508","published_at":"2026-06-07T12:55:00Z"},{"value":"0.12618","scoring_system":"epss","scoring_elements":"0.941","published_at":"2026-06-06T12:55:00Z"},{"value":"0.12618","scoring_system":"epss","scoring_elements":"0.94093","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12618","scoring_system":"epss","scoring_elements":"0.94101","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390511","reference_id":"1390511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390511"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842812","reference_id":"842812","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842812"},{"reference_url":"https://security.archlinux.org/ASA-201611-1","reference_id":"ASA-201611-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-1"},{"reference_url":"https://security.archlinux.org/AVG-55","reference_id":"AVG-55","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-55"},{"reference_url":"https://security.gentoo.org/glsa/201701-12","reference_id":"GLSA-201701-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2819","reference_id":"RHSA-2016:2819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2820","reference_id":"RHSA-2016:2820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0059","reference_id":"RHSA-2017:0059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0059"},{"reference_url":"https://usn.ubuntu.com/3120-1/","reference_id":"USN-3120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116118?format=json","purl":"pkg:deb/debian/memcached@1.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8705"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzaf-56cq-uka2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93112?format=json","vulnerability_id":"VCID-hsuj-2gvt-9bc1","summary":"memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7239.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7239","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.5351","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.5357","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53578","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53565","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1047299","reference_id":"1047299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1047299"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733643","reference_id":"733643","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733643"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"},{"reference_url":"https://usn.ubuntu.com/2080-1/","reference_id":"USN-2080-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2080-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116115?format=json","purl":"pkg:deb/debian/memcached@1.4.13-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2013-7239"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hsuj-2gvt-9bc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93117?format=json","vulnerability_id":"VCID-khju-ysa6-qugz","summary":"In memcached before 1.5.14, a NULL pointer dereference was found in the \"lru mode\" and \"lru temp_ttl\" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11596.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11596","reference_id":"","reference_type":"","scores":[{"value":"0.01552","scoring_system":"epss","scoring_elements":"0.81757","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01552","scoring_system":"epss","scoring_elements":"0.81792","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11596"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1706001","reference_id":"1706001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1706001"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928205","reference_id":"928205","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1576","reference_id":"RHSA-2020:1576","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5583","reference_id":"RHSA-2020:5583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5583"},{"reference_url":"https://usn.ubuntu.com/3963-1/","reference_id":"USN-3963-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3963-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116121?format=json","purl":"pkg:deb/debian/memcached@1.5.6-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.6-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11596"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khju-ysa6-qugz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93115?format=json","vulnerability_id":"VCID-m5cq-v7pd-cudx","summary":"The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9951.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9951.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9951","reference_id":"","reference_type":"","scores":[{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82506","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82481","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.8251","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82509","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000127"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1471970","reference_id":"1471970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1471970"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868701","reference_id":"868701","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868701"},{"reference_url":"https://usn.ubuntu.com/3588-1/","reference_id":"USN-3588-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3588-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116119?format=json","purl":"pkg:deb/debian/memcached@1.5.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.5.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2017-9951"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5cq-v7pd-cudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92098?format=json","vulnerability_id":"VCID-n5nc-37hj-c3ca","summary":"memcached: off-by-one error when processing proxy requests in proxy mode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46853.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46853","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35673","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35634","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35661","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46853"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/memcached/memcached/compare/1.6.21...1.6.22","reference_id":"1.6.21...1.6.22","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-09T15:29:52Z/"}],"url":"https://github.com/memcached/memcached/compare/1.6.21...1.6.22"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246951","reference_id":"2246951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246951"},{"reference_url":"https://github.com/memcached/memcached/commit/6987918e9a3094ec4fc8976f01f769f624d790fa","reference_id":"6987918e9a3094ec4fc8976f01f769f624d790fa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-09T15:29:52Z/"}],"url":"https://github.com/memcached/memcached/commit/6987918e9a3094ec4fc8976f01f769f624d790fa"},{"reference_url":"https://usn.ubuntu.com/6476-1/","reference_id":"USN-6476-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6476-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116127?format=json","purl":"pkg:deb/debian/memcached@1.6.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46853"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5nc-37hj-c3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93107?format=json","vulnerability_id":"VCID-pxmk-h7me-mbdy","summary":"The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1494","reference_id":"","reference_type":"","scores":[{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67072","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67121","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67105","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=498271","reference_id":"498271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=498271"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526554","reference_id":"526554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526554"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116108?format=json","purl":"pkg:deb/debian/memcached@1.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1494"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxmk-h7me-mbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92097?format=json","vulnerability_id":"VCID-s9uj-hzs8-sqgx","summary":"memcached: buffer overflow when processing multiget requests in proxy mode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46852.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46852.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46852","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27108","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27202","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27148","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46852"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/memcached/memcached/compare/1.6.21...1.6.22","reference_id":"1.6.21...1.6.22","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:34:10Z/"}],"url":"https://github.com/memcached/memcached/compare/1.6.21...1.6.22"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246948","reference_id":"2246948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246948"},{"reference_url":"https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767","reference_id":"76a6c363c18cfe7b6a1524ae64202ac9db330767","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:34:10Z/"}],"url":"https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767"},{"reference_url":"https://usn.ubuntu.com/6476-1/","reference_id":"USN-6476-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6476-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116127?format=json","purl":"pkg:deb/debian/memcached@1.6.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46852"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s9uj-hzs8-sqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93121?format=json","vulnerability_id":"VCID-tvsg-fq3c-7ub6","summary":"Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37519.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37519","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25638","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25739","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2573","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37519"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167008","reference_id":"2167008","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167008"},{"reference_url":"https://github.com/memcached/memcached/pull/806/commits/264722ae4e248b453be00e97197dadc685b60fd0","reference_id":"264722ae4e248b453be00e97197dadc685b60fd0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:16:10Z/"}],"url":"https://github.com/memcached/memcached/pull/806/commits/264722ae4e248b453be00e97197dadc685b60fd0"},{"reference_url":"https://github.com/memcached/memcached/issues/805","reference_id":"805","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:16:10Z/"}],"url":"https://github.com/memcached/memcached/issues/805"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116125?format=json","purl":"pkg:deb/debian/memcached@1.6.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2021-37519"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvsg-fq3c-7ub6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93114?format=json","vulnerability_id":"VCID-v9vn-ckw2-bucw","summary":"memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an \"unbounded key print\" during logging, related to an issue that was \"quickly grepped out of the source tree,\" a different vulnerability than CVE-2013-0179 and CVE-2013-7290.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7291.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7291","reference_id":"","reference_type":"","scores":[{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43056","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43129","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43138","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43116","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1052864","reference_id":"1052864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1052864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735314","reference_id":"735314","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735314"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116117?format=json","purl":"pkg:deb/debian/memcached@1.4.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2013-7291"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9vn-ckw2-bucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93111?format=json","vulnerability_id":"VCID-xsfx-vjd9-puae","summary":"The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0179.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0179","reference_id":"","reference_type":"","scores":[{"value":"0.01337","scoring_system":"epss","scoring_elements":"0.80328","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01337","scoring_system":"epss","scoring_elements":"0.80353","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01337","scoring_system":"epss","scoring_elements":"0.80356","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231","reference_id":"698231","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698231"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895054","reference_id":"895054","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895054"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"},{"reference_url":"https://usn.ubuntu.com/2080-1/","reference_id":"USN-2080-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2080-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116116?format=json","purl":"pkg:deb/debian/memcached@1.4.13-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0179"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsfx-vjd9-puae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93109?format=json","vulnerability_id":"VCID-xzzd-ewr8-t3dr","summary":"memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation.  NOTE: some of these details are obtained from third party information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1152.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1152.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1152","reference_id":"","reference_type":"","scores":[{"value":"0.22721","scoring_system":"epss","scoring_elements":"0.95971","published_at":"2026-06-04T12:55:00Z"},{"value":"0.22721","scoring_system":"epss","scoring_elements":"0.95975","published_at":"2026-06-05T12:55:00Z"},{"value":"0.22721","scoring_system":"epss","scoring_elements":"0.95978","published_at":"2026-06-06T12:55:00Z"},{"value":"0.22721","scoring_system":"epss","scoring_elements":"0.95979","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579913","reference_id":"579913","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579913"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=581113","reference_id":"581113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=581113"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33850.txt","reference_id":"CVE-2010-1152;OSVDB-63600","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33850.txt"},{"reference_url":"https://www.securityfocus.com/bid/39577/info","reference_id":"CVE-2010-1152;OSVDB-63600","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/39577/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116113?format=json","purl":"pkg:deb/debian/memcached@1.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2010-1152"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzzd-ewr8-t3dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93110?format=json","vulnerability_id":"VCID-yqd7-9a4n-pbgb","summary":"Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4971.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4971.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4971","reference_id":"","reference_type":"","scores":[{"value":"0.46068","scoring_system":"epss","scoring_elements":"0.977","published_at":"2026-06-04T12:55:00Z"},{"value":"0.46068","scoring_system":"epss","scoring_elements":"0.97704","published_at":"2026-06-05T12:55:00Z"},{"value":"0.46068","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4971"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.8","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706426","reference_id":"706426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706426"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=957964","reference_id":"957964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=957964"},{"reference_url":"https://security.gentoo.org/glsa/201406-13","reference_id":"GLSA-201406-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-13"},{"reference_url":"https://usn.ubuntu.com/2080-1/","reference_id":"USN-2080-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2080-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116115?format=json","purl":"pkg:deb/debian/memcached@1.4.13-0.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.13-0.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2011-4971"],"risk_score":1.8,"exploitability":"2.0","weighted_severity":"0.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqd7-9a4n-pbgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4781?format=json","vulnerability_id":"VCID-zdtr-q584-d3h4","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8706.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8706","reference_id":"","reference_type":"","scores":[{"value":"0.60255","scoring_system":"epss","scoring_elements":"0.98307","published_at":"2026-06-04T12:55:00Z"},{"value":"0.60255","scoring_system":"epss","scoring_elements":"0.98309","published_at":"2026-06-05T12:55:00Z"},{"value":"0.60255","scoring_system":"epss","scoring_elements":"0.9831","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390512","reference_id":"1390512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390512"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842814","reference_id":"842814","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842814"},{"reference_url":"https://security.archlinux.org/ASA-201611-1","reference_id":"ASA-201611-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-1"},{"reference_url":"https://security.archlinux.org/AVG-55","reference_id":"AVG-55","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-55"},{"reference_url":"https://security.gentoo.org/glsa/201701-12","reference_id":"GLSA-201701-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2819","reference_id":"RHSA-2016:2819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2819"},{"reference_url":"https://usn.ubuntu.com/3120-1/","reference_id":"USN-3120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/116118?format=json","purl":"pkg:deb/debian/memcached@1.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116109?format=json","purl":"pkg:deb/debian/memcached@1.6.9%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"},{"vulnerability":"VCID-tvsg-fq3c-7ub6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116107?format=json","purl":"pkg:deb/debian/memcached@1.6.18-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"},{"vulnerability":"VCID-n5nc-37hj-c3ca"},{"vulnerability":"VCID-s9uj-hzs8-sqgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116111?format=json","purl":"pkg:deb/debian/memcached@1.6.38-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6qez-zqnx-zbgk"},{"vulnerability":"VCID-n18q-v773-hkhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/116110?format=json","purl":"pkg:deb/debian/memcached@1.6.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.42-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8706"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdtr-q584-d3h4"}],"risk_score":"3.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/memcached@1.6.38-1%3Fdistro=trixie"}