Unknown · Libmemcached-Awesome · CVE-2023-27478
**Name of the Vulnerable Software and Affected Versions**
libmemcached-awesome versions prior to 1.1.4
**Description**
The issue is insufficient protection of service data in the handling of the `POLL TIMEOUT` parameter, which could allow a remote attacker to gain unauthorized access to protected information. It occurs when a request times out because of a low `POLL TIMEOUT`: `libmemcached` can then return the data for that previously requested key.
**Recommendations**
For versions prior to 1.1.4, upgrade to version 1.1.4 to address the issue.
As a temporary workaround, consider using a reasonably high `POLL TIMEOUT` setting, like the default.
Use separate libmemcached connections for unrelated data to minimize the risk of exploitation.
Do not re-use libmemcached connections in an unknown state to lower the probability of this bug affecting a given deployment.
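
The toy model below is an added example, not code from libmemcached or from this advisory. It shows why a timed-out request leaves a connection in an unknown state, and why resetting the connection or using a high `POLL TIMEOUT` avoids returning the earlier key's data. The names `conn_t`, `conn_get`, `conn_reset` and `second_reply`, the latencies, the timeout values and the rule that replies are read in arrival order without a key check are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, NOT libmemcached code: replies on one connection are read in
   arrival order and are not matched against the key that was asked for. */
typedef struct {
    const char *pending[8]; /* replies the server has sent or will send */
    int head, tail;         /* next reply to read / next free slot */
    int unknown_state;      /* a request timed out with its reply outstanding */
} conn_t;

static void conn_reset(conn_t *c) { memset(c, 0, sizeof *c); } /* reconnect */

/* Issue one GET whose reply is `value` and takes latency_ms to arrive.
   Assumption: a late reply has arrived by the time of the next request. */
static const char *conn_get(conn_t *c, const char *value, int latency_ms,
                            int poll_timeout_ms) {
    c->pending[c->tail++] = value;
    if (latency_ms > poll_timeout_ms) { /* poll gives up before the reply */
        c->unknown_state = 1;
        return NULL;                    /* caller sees a timeout */
    }
    return c->pending[c->head++];       /* oldest unread reply */
}

/* Constructed scenario: a slow GET for one key, then a fast GET for another.
   Returns what the second GET hands back to its caller. */
static const char *second_reply(int poll_timeout_ms, int reset_if_unknown) {
    conn_t c;
    conn_reset(&c);
    conn_get(&c, "value-for-key-A", 50, poll_timeout_ms);
    if (reset_if_unknown && c.unknown_state)
        conn_reset(&c);                 /* do not reuse the connection */
    return conn_get(&c, "value-for-key-B", 1, poll_timeout_ms);
}

int main(void) {
    printf("low timeout, reused:  %s\n", second_reply(10, 0));
    printf("low timeout, reset:   %s\n", second_reply(10, 1));
    printf("high timeout, reused: %s\n", second_reply(5000, 0));
    return 0;
}
```

In this model only the first case, a low timeout on a reused connection, hands the second caller the value that belonged to the first key.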