Описание
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
An off-by-one error was found in Memcached. This issue occurs when processing proxy requests in proxy mode if \n is used instead of \r\n.
Отчет
Proxy mode in memcached was introduced in 1.6.13, so Red Hat Enterprise Linux is not affected by this CVE.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | memcached | Not affected | ||
| Red Hat Enterprise Linux 7 | memcached | Not affected | ||
| Red Hat Enterprise Linux 8 | memcached | Not affected | ||
| Red Hat Enterprise Linux 9 | memcached | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
In Memcached before 1.6.22, an off-by-one error exists when processing ...
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
EPSS
9.8 Critical
CVSS3