Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:BIT-MEMCACHED-2023-27478
HistoryMar 06, 2024 - 10:55 a.m.

BIT-memcached-2023-27478

2024-03-0610:55:50
Google
osv.dev
2
libmemcached
memcached
open source
client library
version 1.1.4 addressed

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

43.0%

JSON

libmemcached-awesome is an open source C/C++ client library and tools for the memcached server. libmemcached could return data for a previously requested key, if that previous request timed out due to a low POLL_TIMEOUT. This issue has been addressed in version 1.1.4. Users are advised to upgrade. There are several ways to workaround or lower the probability of this bug affecting a given deployment. 1: use a reasonably high POLL_TIMEOUT setting, like the default. 2: use separate libmemcached connections for unrelated data. 3: do not re-use libmemcached connections in an unknown state.

Related

osv 2
veracode 1
nvd 1
debiancve 1
redhatcve 1
nessus 4
altlinux 1
cbl_mariner 2
cve 1
ubuntucve 1
alpinelinux 1
prion 1
cvelist 1
osv
osv
BIT-libmemcached-2023-27478
2024-03-06 10:55:12
CVE-2023-27478
2023-03-07 18:15:09
veracode
veracode
Information Disclosure
2023-03-16 07:22:38
nvd
nvd
CVE-2023-27478
2023-03-07 18:15:09
debiancve
debiancve
CVE-2023-27478
2023-03-07 18:15:09
redhatcve
redhatcve
CVE-2023-27478
2023-03-09 00:15:25
nessus
nessus
Fedora 36 : libmemcached-awesome (2023-7da1639d3f)
2023-03-15 00:00:00
Fedora 38 : libmemcached-awesome (2023-fd848970c4)
2023-03-11 00:00:00
Fedora 37 : libmemcached-awesome (2023-c9bbaadcbf)
2023-03-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libmemcached version 1.1.4-alt1
2023-04-03 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-27478 affecting package libmemcached-awesome for versions less than 1.1.4-1
2024-07-12 23:45:26
CVE-2023-27478 affecting package libmemcached-awesome for versions less than 1.1.4-1
2024-04-17 22:02:46
cve
cve
CVE-2023-27478
2023-03-07 18:15:09
ubuntucve
ubuntucve
CVE-2023-27478
2023-03-07 00:00:00
alpinelinux
alpinelinux
CVE-2023-27478
2023-03-07 18:15:09
prion
prion
Design/Logic Flaw
2023-03-07 18:15:00
cvelist
cvelist
CVE-2023-27478 Disclosure of unrelated data in libmemcached-awesome
2023-03-07 17:55:39

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

43.0%

JSON
Related for OSV:BIT-MEMCACHED-2023-27478
osv2veracode1nvd1debiancve1redhatcve1nessus4altlinux1cbl_mariner2cve1ubuntucve1alpinelinux1prion1cvelist1