Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Tarantool 安全漏洞
Vulnerability Description
Tarantool是一套使用Lua语言编写的集成了Node.js的网络编程和Redis数据持久性的嵌入式NoSQL数据库管理系统。 Tarantool 1.7.2.0-g8e92715版本中的‘the xrow_header_decode’函数存在越边界数组访问漏洞。攻击者可借助特制的数据包利用该漏洞在服务器的上下文中越边界读取数据,造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A