Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Tarantool Msgpuck 安全漏洞
Vulnerability Description
Tarantool是一套使用Lua语言编写的集成了Node.js的网络编程和Redis数据持久性的嵌入式NoSQL数据库管理系统。Tarantool Msgpuck是其中的一个二进制序列化库。 Tarantool Msgpuck库1.0.3版本中的‘mp_check’函数存在安全漏洞,该漏洞源于程序没有正确处理返回值。攻击者可借助特制的数据包利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A