Mcrouter prior to v0.41.0 Uncontrolled Resource Consumption Vulnerability


Mcrouter prior to v0.41.0 suffers from uncontrolled resource consumption vulnerability.


The information has been provided by Vendor

The original article can be found at:


In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service.


Vulnerable Systems:

Mcrouter prior to v0.41.0


CVE Information:



Disclosure Timeline:
Published Date:12/4/2019

Categories: News