vulnerability

Debian: CVE-2016-9037: tarantool -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	12/23/2016	07/30/2024	04/14/2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

12/23/2016

Added

07/30/2024

Modified

04/14/2025

Description

An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.

Solution

debian-upgrade-tarantool

References

CVE-2016-9037
https://attackerkb.com/topics/CVE-2016-9037

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today