CVE-2020-10931

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-10931
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10931.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-10931
Aliases
Downstream
Related
Published
2020-03-24T15:15:12Z
Modified
2025-09-19T11:33:18.010550Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to tryreadcommand_binary in memcached.c.

References

Affected packages

Git / github.com/memcached/memcached

Affected ranges

Type
GIT
Repo
https://github.com/memcached/memcached
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
02c6a2b62ddcb6fa4569a591d3461a156a636305

Affected versions

1.*

1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.3.2
1.3.3
1.4-rc1
1.4.0
1.4.0-rc1
1.4.1
1.4.1-rc1
1.4.10
1.4.11
1.4.11-beta1
1.4.11-rc1
1.4.12
1.4.13
1.4.14
1.4.15
1.4.16
1.4.17
1.4.18
1.4.19
1.4.2
1.4.2-rc1
1.4.20
1.4.21
1.4.22
1.4.23
1.4.24
1.4.25
1.4.26
1.4.27
1.4.28
1.4.29
1.4.3
1.4.3-rc1
1.4.3-rc2
1.4.30
1.4.31
1.4.32
1.4.33
1.4.34
1.4.35
1.4.36
1.4.37
1.4.38
1.4.39
1.4.4
1.4.5
1.4.6
1.4.6-rc1
1.4.7
1.4.7-rc1
1.4.8
1.4.8-rc1
1.4.9
1.5.0
1.5.1
1.5.10
1.5.11
1.5.12
1.5.13
1.5.14
1.5.15
1.5.16
1.5.17
1.5.18
1.5.19
1.5.2
1.5.20
1.5.21
1.5.22
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.6.0
1.6.1

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2020-10931-18df148d",
            "signature_type": "Line",
            "target": {
                "file": "memcached.c"
            },
            "digest": {
                "line_hashes": [
                    "60729425787205775525629116097709335923",
                    "155528682348179993748654765443873325237",
                    "32507371053848599705866725944711999623",
                    "28161909986594551437781044272282309277",
                    "10891478072836292451615605853983240402"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/memcached/memcached/commit/02c6a2b62ddcb6fa4569a591d3461a156a636305"
        },
        {
            "id": "CVE-2020-10931-4c30de66",
            "signature_type": "Function",
            "target": {
                "file": "memcached.c",
                "function": "try_read_command_binary"
            },
            "digest": {
                "function_hash": "286460963442076244618714784430206597643",
                "length": 1982.0
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/memcached/memcached/commit/02c6a2b62ddcb6fa4569a591d3461a156a636305"
        }
    ]
}