{"id":"CVE-2022-48571","details":"memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.","aliases":["BIT-memcached-2022-48571"],"modified":"2026-04-11T23:22:42.972545Z","published":"2023-08-22T19:16:32.233Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00004.html"},{"type":"FIX","url":"https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/memcached/memcached","events":[{"introduced":"0"},{"last_affected":"ad8dfd265523e027b042aec59055409a22668c64"},{"fixed":"6b319c8c7a29e9c353dec83dc92f01905f6c8966"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6.7"}]}}],"versions":["1.2.0","1.2.1","1.2.2","1.2.3","1.2.4","1.3.2","1.3.3","1.4-rc1","1.4.0","1.4.0-rc1","1.4.1","1.4.1-rc1","1.4.10","1.4.11","1.4.11-beta1","1.4.11-rc1","1.4.12","1.4.13","1.4.14","1.4.15","1.4.16","1.4.17","1.4.18","1.4.19","1.4.2","1.4.2-rc1","1.4.20","1.4.21","1.4.22","1.4.23","1.4.24","1.4.25","1.4.26","1.4.27","1.4.28","1.4.29","1.4.3","1.4.3-rc1","1.4.3-rc2","1.4.30","1.4.31","1.4.32","1.4.33","1.4.34","1.4.35","1.4.36","1.4.37","1.4.38","1.4.39","1.4.4","1.4.5","1.4.6","1.4.6-rc1","1.4.7","1.4.7-rc1","1.4.8","1.4.8-rc1","1.4.9","1.5.0","1.5.1","1.5.10","1.5.11","1.5.12","1.5.13","1.5.14","1.5.15","1.5.16","1.5.17","1.5.18","1.5.19","1.5.2","1.5.20","1.5.21","1.5.22","1.5.3","1.5.4","1.5.5","1.5.6","1.5.7","1.5.8","1.5.9","1.6.0","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5","1.6.6","1.6.7"],"database_specific":{"vanir_signatures_modified":"2026-04-11T23:22:42Z","vanir_signatures":[{"target":{"function":"out_string","file":"memcached.c"},"signature_type":"Function","id":"CVE-2022-48571-5a84bf62","deprecated":false,"digest":{"function_hash":"277595834115750926081168654056959466818","length":743},"signature_version":"v1","source":"https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966"},{"target":{"file":"memcached.c"},"signature_type":"Line","id":"CVE-2022-48571-c2a6934f","deprecated":false,"digest":{"line_hashes":["16474155107867817979884601193417341473","304845883741849737249974174878835322495","163116486141553285337800761877515560800","187307495520313252599712949149420848756","157583762118996341008322745022473086232","181568582211640541597876352317543209388","329468026962106054737850338879188633569","311883249388370600519773269147305399811","104214854192785564424340080277292863319","254404948309440207701611086037120258225"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966"},{"target":{"function":"try_read_udp","file":"memcached.c"},"signature_type":"Function","id":"CVE-2022-48571-c52df0a3","deprecated":false,"digest":{"function_hash":"305214104561482860577327136158784902875","length":896},"signature_version":"v1","source":"https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48571.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}