{"id":"CVE-2020-13151","details":"Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.","modified":"2026-04-11T21:19:46.521349Z","published":"2020-08-05T13:15:10.603Z","references":[{"type":"ADVISORY","url":"https://www.aerospike.com/download/server/notes.html#5.1.0.3"},{"type":"ADVISORY","url":"https://www.aerospike.com/enterprise/download/server/notes.html#5.1.0.3"},{"type":"EVIDENCE","url":"https://www.aerospike.com/docs/operations/configure/security/access-control/index.html#create-users-and-assign-roles"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/160106/Aerospike-Database-5.1.0.3-Remote-Command-Execution.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/160451/Aerospike-Database-UDF-Lua-Code-Execution.html"},{"type":"EVIDENCE","url":"https://b4ny4n.github.io/network-pentest/2020/08/01/cve-2020-13151-poc-aerospike.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/aerospike/aerospike-server","events":[{"introduced":"0"},{"fixed":"e4210e67d2c94be6f5b2f9498e17b8797fd4835c"},{"introduced":"0"},{"fixed":"e85a2f1af8b35ec319ed3c5af3a2688fa745763c"},{"introduced":"0"},{"fixed":"c319c35a6ab5f4c238e47b67067763d1da60d4be"},{"introduced":"5ff5796376618cb0a80ff4aa2a1edcda5af2faae"},{"fixed":"a405a4c9d58c575915dc0c54533579d1232f59ca"},{"introduced":"0"},{"fixed":"aa32a09f487653a2d8896efae526b7a139f7bd1f"},{"introduced":"0"},{"fixed":"7644d13688bb914a384cf8a40da3645085636cd3"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.5.3.21"},{"introduced":"4.6.0.1"},{"fixed":"4.6.0.19"},{"introduced":"4.7.0.1"},{"fixed":"4.7.0.17"},{"introduced":"4.8.0.1"},{"fixed":"4.8.0.13"},{"introduced":"4.9.0.1"},{"fixed":"4.9.0.10"},{"introduced":"5.0.0.1"},{"fixed":"5.0.0.7"}]}}],"versions":["4.0.0.1","4.1.0.1","4.2.0.2","4.3.0.2","4.3.1.3","4.3.1.4","4.5.0.1","4.5.1.5","4.5.2.1","4.5.3.10","4.5.3.11","4.5.3.12","4.5.3.13","4.5.3.14","4.5.3.15","4.5.3.16","4.5.3.17","4.5.3.18","4.5.3.19","4.5.3.2","4.5.3.3","4.5.3.4","4.5.3.5","4.5.3.6","4.5.3.7","4.5.3.8","4.6.0.10","4.6.0.11","4.6.0.12","4.6.0.13","4.6.0.14","4.6.0.15","4.6.0.16","4.6.0.17","4.6.0.2","4.6.0.4","4.6.0.5","4.6.0.6","4.6.0.8","4.6.0.9","4.7.0.10","4.7.0.11","4.7.0.12","4.7.0.13","4.7.0.14","4.7.0.15","4.7.0.2","4.7.0.3","4.7.0.5","4.7.0.6","4.7.0.7","4.7.0.8","4.7.0.9","4.8.0.1","4.8.0.10","4.8.0.11","4.8.0.2","4.8.0.3","4.8.0.4","4.8.0.5","4.8.0.6","4.8.0.8","4.8.0.9","4.9.0.3","4.9.0.4","4.9.0.5","4.9.0.6","4.9.0.7","4.9.0.8","5.0.0.3","5.0.0.4"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-011fc4c5","digest":{"line_hashes":["16309535103818816350504484165634871036","81800544256711248927896954049406762257","135909975338816035559192205993035481086","20445908659062039961573390301228317867"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-01ecc7d3","digest":{"length":1668,"function_hash":"253069122332726189558927990907365248194"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-05db2bb2","digest":{"line_hashes":["25942185911634172447238326887291527996","1477435531273057602445699680992589029","181914347299822761217859966398788635071","131624337039994582697007806322107348911","241597818448432463403821441072162140027","97461144157333987989817049799365326745","175708484054767710553715442563999375985","37041331014437929244966699628923149522","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-06c296b1","digest":{"length":1668,"function_hash":"253069122332726189558927990907365248194"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-09bf2f13","digest":{"line_hashes":["22455773842526794301408086656321645039","32152795425802279178797476957557087500","190363507864186738405983512308360773499","113879003478519394298522289954776836877","38595729889410439204960564027621299366","120036468284798154917617929109422241060","16161199656749405725211745748870052738","99449098510128306637886267816956741926"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-0accc7ff","digest":{"length":1668,"function_hash":"205589459115979329551578286112813538494"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-0c473b89","digest":{"line_hashes":["125860499790665322865240437054719844180","11716189888806726652307737457102325412","285391960485756240834853007887752036363"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-15cd04c9","digest":{"length":4427,"function_hash":"268472943276855646094816467361463894434"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-18fd2409","digest":{"length":4986,"function_hash":"5515098107810273683739317998372783138"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-1cd26b8f","digest":{"line_hashes":["125860499790665322865240437054719844180","11716189888806726652307737457102325412","285391960485756240834853007887752036363"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-1fee0205","digest":{"length":4280,"function_hash":"63958386031904812899489883213729853788"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-21b1ab13","digest":{"length":4579,"function_hash":"85685151850321742800093729930493163462"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-2bc7fa78","digest":{"length":1661,"function_hash":"113495018380845564634491879805548405890"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-306b96d3","digest":{"line_hashes":["22455773842526794301408086656321645039","32152795425802279178797476957557087500","289151374546365499671025595600894398360","255888360587267468722038333817381515123","323208125837595779656097045759081611258","120036468284798154917617929109422241060","303493842194483594015861277630012193142","322861807103644304250335647768942796996"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-35275485","digest":{"line_hashes":["108187628289546976834131186113918648600","137104148772872335419988200823951136561","117992999809389175407942819560427411760"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-38600c59","digest":{"line_hashes":["139730653498664903263244419740208562262","75603404603888313638893169485695106848","183734595356678319438395533427123294679","209388339382065594441813613585425931651","196897536435032192371936732098516427750","167782733062792646618395141056849388612","110293704982319793128628380811150367204","209388339382065594441813613585425931651"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-3fd1cd46","digest":{"line_hashes":["302712324662938608444569796492902662847","68411424231617555068310505404723177492","120742944432993997381765801673393243718","197909576909143298330802518677942444028"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-50b2cc16","digest":{"line_hashes":["302712324662938608444569796492902662847","68411424231617555068310505404723177492","120742944432993997381765801673393243718","197909576909143298330802518677942444028"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-51f44951","digest":{"line_hashes":["108187628289546976834131186113918648600","137104148772872335419988200823951136561","117992999809389175407942819560427411760"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-567c490e","digest":{"length":2019,"function_hash":"306990981372298723724139617543608747863"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-58ae4cb8","digest":{"line_hashes":["22455773842526794301408086656321645039","32152795425802279178797476957557087500","190363507864186738405983512308360773499","113879003478519394298522289954776836877","38595729889410439204960564027621299366","120036468284798154917617929109422241060","16161199656749405725211745748870052738","99449098510128306637886267816956741926"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-5b7c297c","digest":{"length":1668,"function_hash":"253069122332726189558927990907365248194"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-5d11efcf","digest":{"length":1405,"function_hash":"256745808512523035197614737787460322694"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-5d884f05","digest":{"line_hashes":["125860499790665322865240437054719844180","11716189888806726652307737457102325412","285391960485756240834853007887752036363"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-5f340306","digest":{"length":1558,"function_hash":"303687870144325292057195553574033606765"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-6181f046","digest":{"length":1558,"function_hash":"303687870144325292057195553574033606765"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-688d3e70","digest":{"length":4662,"function_hash":"193772871589056546767664050796495696733"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-69152bf1","digest":{"length":1656,"function_hash":"216376558925352772928195571336271450765"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-7743b860","digest":{"line_hashes":["302712324662938608444569796492902662847","68411424231617555068310505404723177492","120742944432993997381765801673393243718","197909576909143298330802518677942444028"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-78f981c1","digest":{"line_hashes":["305367625443653845201617492302973192013","238890599193137203576715272047567039955","263177662685905238961609455846799239502","172727168274454922042447287538045697595","205398025090446508955888561867648111045","108196368298692426613648564652569063490","206381664794011138987489996392002646936","200937906415398502217918704285151142664","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-7b2c78d9","digest":{"line_hashes":["125860499790665322865240437054719844180","11716189888806726652307737457102325412","285391960485756240834853007887752036363"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-7da4562c","digest":{"length":1447,"function_hash":"146137524387730008359888399056582656334"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-7dc86d13","digest":{"length":4910,"function_hash":"334180542315967797211392931713379452366"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-8b0d7f50","digest":{"length":4427,"function_hash":"268472943276855646094816467361463894434"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-8deb3edd","digest":{"line_hashes":["108187628289546976834131186113918648600","327684205307337753576239131026258342649","242435643169527584760216303567031417658"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-8fbb04ae","digest":{"line_hashes":["305367625443653845201617492302973192013","238890599193137203576715272047567039955","322978056222375322472008144797923118005","131624337039994582697007806322107348911","205398025090446508955888561867648111045","108196368298692426613648564652569063490","141953949289052959843095180590267767973","37041331014437929244966699628923149522","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-9434daa6","digest":{"length":4639,"function_hash":"86824557772351290095264227778658030966"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-9435b438","digest":{"line_hashes":["108187628289546976834131186113918648600","327684205307337753576239131026258342649","242435643169527584760216303567031417658"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-95677490","digest":{"length":2111,"function_hash":"25517905833220644488439473508483898741"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-97082110","digest":{"line_hashes":["108187628289546976834131186113918648600","137104148772872335419988200823951136561","117992999809389175407942819560427411760"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-97ac1dca","digest":{"length":60363,"function_hash":"280589817827447669638848956909057446268"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-9a916b9c","digest":{"length":4051,"function_hash":"334023043858363065219995347439481972610"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-9b4b0565","digest":{"line_hashes":["25942185911634172447238326887291527996","1477435531273057602445699680992589029","181914347299822761217859966398788635071","131624337039994582697007806322107348911","241597818448432463403821441072162140027","97461144157333987989817049799365326745","175708484054767710553715442563999375985","37041331014437929244966699628923149522","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-9e4a71ff","digest":{"line_hashes":["139730653498664903263244419740208562262","75603404603888313638893169485695106848","183734595356678319438395533427123294679","209388339382065594441813613585425931651","196897536435032192371936732098516427750","167782733062792646618395141056849388612","110293704982319793128628380811150367204","209388339382065594441813613585425931651"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/thr_info.c","function":"info_service_config_get"},"deprecated":false,"id":"CVE-2020-13151-9eb4b8d1","digest":{"length":4639,"function_hash":"86824557772351290095264227778658030966"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-9f0c27f2","digest":{"length":4051,"function_hash":"334023043858363065219995347439481972610"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-a64ca046","digest":{"length":2111,"function_hash":"25517905833220644488439473508483898741"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-a8660d8e","digest":{"length":1656,"function_hash":"216376558925352772928195571336271450765"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-a8dd01db","digest":{"line_hashes":["305367625443653845201617492302973192013","238890599193137203576715272047567039955","263177662685905238961609455846799239502","172727168274454922042447287538045697595","205398025090446508955888561867648111045","108196368298692426613648564652569063490","206381664794011138987489996392002646936","200937906415398502217918704285151142664","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/src/base/thr_query.c","function":"query_setup"},"deprecated":false,"id":"CVE-2020-13151-ab250988","digest":{"length":4427,"function_hash":"268472943276855646094816467361463894434"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/scan.c"},"deprecated":false,"id":"CVE-2020-13151-bc73fca6","digest":{"line_hashes":["22455773842526794301408086656321645039","32152795425802279178797476957557087500","289151374546365499671025595600894398360","255888360587267468722038333817381515123","323208125837595779656097045759081611258","120036468284798154917617929109422241060","303493842194483594015861277630012193142","322861807103644304250335647768942796996"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-be4251f0","digest":{"length":55822,"function_hash":"110524032278449093480136899808728222597"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-c3ea3ea2","digest":{"length":60686,"function_hash":"272524313590781866239090095101513388375"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-cd14ed94","digest":{"line_hashes":["125860499790665322865240437054719844180","11716189888806726652307737457102325412","285391960485756240834853007887752036363"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/cfg.c"},"deprecated":false,"id":"CVE-2020-13151-cf37e564","digest":{"line_hashes":["305367625443653845201617492302973192013","238890599193137203576715272047567039955","263177662685905238961609455846799239502","172727168274454922042447287538045697595","205398025090446508955888561867648111045","108196368298692426613648564652569063490","206381664794011138987489996392002646936","200937906415398502217918704285151142664","63475408585334497776685577515380679055","249863319065901377195001093492397106626","150669539495625935520436296182608283122","321628611344522217419685275480470658167"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/thr_info.c"},"deprecated":false,"id":"CVE-2020-13151-d1bc66a3","digest":{"line_hashes":["108187628289546976834131186113918648600","327684205307337753576239131026258342649","242435643169527584760216303567031417658"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-d3a432fe","digest":{"length":1405,"function_hash":"256745808512523035197614737787460322694"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-dfc00f56","digest":{"line_hashes":["302712324662938608444569796492902662847","68411424231617555068310505404723177492","135909975338816035559192205993035481086","20445908659062039961573390301228317867"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/aa32a09f487653a2d8896efae526b7a139f7bd1f","target":{"file":"as/include/base/cfg.h"},"deprecated":false,"id":"CVE-2020-13151-e1b21bbb","digest":{"line_hashes":["16309535103818816350504484165634871036","81800544256711248927896954049406762257","135909975338816035559192205993035481086","20445908659062039961573390301228317867"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e4210e67d2c94be6f5b2f9498e17b8797fd4835c","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-e23d8d10","digest":{"length":54577,"function_hash":"25541062654460354938152704273599980560"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/a405a4c9d58c575915dc0c54533579d1232f59ca","target":{"file":"as/src/base/scan.c","function":"udf_bg_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-e770207a","digest":{"length":2019,"function_hash":"306990981372298723724139617543608747863"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/base/scan.c","function":"aggr_scan_job_start"},"deprecated":false,"id":"CVE-2020-13151-f3a68772","digest":{"length":1426,"function_hash":"135288349546446308839165295636798917496"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/c319c35a6ab5f4c238e47b67067763d1da60d4be","target":{"file":"as/src/transaction/udf.c","function":"as_udf_start"},"deprecated":false,"id":"CVE-2020-13151-f5383ccd","digest":{"length":1668,"function_hash":"253069122332726189558927990907365248194"}},{"signature_version":"v1","signature_type":"Line","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/transaction/udf.c"},"deprecated":false,"id":"CVE-2020-13151-f95ddb3e","digest":{"line_hashes":["125860499790665322865240437054719844180","175475700359499703077811768675489818833","254148762294915826472744441527602671896"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/e85a2f1af8b35ec319ed3c5af3a2688fa745763c","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-f9c5204c","digest":{"length":54781,"function_hash":"52016253741416336695835208452959757353"}},{"signature_version":"v1","signature_type":"Function","source":"https://github.com/aerospike/aerospike-server/commit/7644d13688bb914a384cf8a40da3645085636cd3","target":{"file":"as/src/base/cfg.c","function":"as_config_init"},"deprecated":false,"id":"CVE-2020-13151-fc9e3264","digest":{"length":54237,"function_hash":"165308238752324936907799084897764850270"}}],"vanir_signatures_modified":"2026-04-11T21:19:46Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13151.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}