CVE-2022-26635

Updated: 2024-11-30 03:58:48.138113

Description:

PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.5
CVSS Version 3.x CRITICAL 9.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

Ubuntu 16.04 ELS memcached 1.4.25-2 9.8 CRITICAL Not Vulnerable 2022-04-20 16:02:55
Ubuntu 18.04 ELS memcached 1.5.6-0 9.8 CRITICAL Not Vulnerable 2023-05-30 14:06:05