CVE-2023-46853

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-46853

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46853.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-46853

Aliases

BIT-memcached-2023-46853

Related

Published

2023-10-27T20:15:09Z

Modified

2024-11-08T19:57:16.087674Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.

References

Affected packages

Debian:11 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.9+dfsg-1

1.6.10+dfsg-1

1.6.10+dfsg-2

1.6.12+dfsg-1

1.6.12+dfsg-2

1.6.12+dfsg-3

1.6.12+dfsg-4

1.6.13-1

1.6.14-1

1.6.15-1

1.6.16-1

1.6.17-1

1.6.18-1

1.6.19-1

1.6.21-1

1.6.21-2

1.6.21-3

1.6.22-1

1.6.23-1

1.6.24-1

1.6.26-1

1.6.27-1

1.6.28-1

1.6.29-1

1.6.31-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.18-1

1.6.19-1

1.6.21-1

1.6.21-2

1.6.21-3

1.6.22-1

1.6.23-1

1.6.24-1

1.6.26-1

1.6.27-1

1.6.28-1

1.6.29-1

1.6.31-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.22-1

Affected versions

1.*

1.6.18-1

1.6.19-1

1.6.21-1

1.6.21-2

1.6.21-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/memcached/memcached

Affected ranges

Type: GIT
Repo: https://github.com/memcached/memcached
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6987918e9a3094ec4fc8976f01f769f624d790fa

Affected versions

1.*

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.3.2

1.3.3

1.4-rc1

1.4.0

1.4.0-rc1

1.4.1

1.4.1-rc1

1.4.10

1.4.11

1.4.11-beta1

1.4.11-rc1

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.2-rc1

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.3-rc1

1.4.3-rc2

1.4.30

1.4.31

1.4.32

1.4.33

1.4.34

1.4.35

1.4.36

1.4.37

1.4.38

1.4.39

1.4.4

1.4.5

1.4.6

1.4.6-rc1

1.4.7

1.4.7-rc1

1.4.8

1.4.8-rc1

1.4.9

1.5.0

1.5.1

1.5.10

1.5.11

1.5.12

1.5.13

1.5.14

1.5.15

1.5.16

1.5.17

1.5.18

1.5.19

1.5.2

1.5.20

1.5.21

1.5.22

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6.0

1.6.1

1.6.10

1.6.11

1.6.12

1.6.13

1.6.14

1.6.15

1.6.16

1.6.17

1.6.18

1.6.19

1.6.2

1.6.20

1.6.21

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9