Search CVE reports
1 – 10 of 79 results
Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 10 of 13
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Fixed | Fixed | Fixed | Fixed |
| valkey | Vulnerable | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | — | — |
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | — | — |
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | Not in release | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Needs evaluation | Not in release | Not in release | — |
Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlen(filepath) when...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |