Apache

Kvrocks

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.27%
  • Veröffentlicht 25.06.2026 08:04:25
  • Zuletzt bearbeitet 25.06.2026 13:27:40

Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

  • EPSS 0.14%
  • Veröffentlicht 25.06.2026 08:01:49
  • Zuletzt bearbeitet 25.06.2026 13:27:40

Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

  • EPSS 0.28%
  • Veröffentlicht 25.06.2026 08:01:00
  • Zuletzt bearbeitet 25.06.2026 13:27:40

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

  • EPSS 0.34%
  • Veröffentlicht 25.06.2026 08:00:18
  • Zuletzt bearbeitet 25.06.2026 13:27:40

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

  • EPSS 0.32%
  • Veröffentlicht 25.06.2026 07:59:24
  • Zuletzt bearbeitet 25.06.2026 14:16:46

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

  • EPSS 0.26%
  • Veröffentlicht 28.11.2025 14:21:22
  • Zuletzt bearbeitet 04.12.2025 17:04:38

Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

  • EPSS 0.36%
  • Veröffentlicht 28.11.2025 14:20:31
  • Zuletzt bearbeitet 04.12.2025 17:03:00

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

  • EPSS 0.61%
  • Veröffentlicht 22.04.2025 07:07:49
  • Zuletzt bearbeitet 23.06.2025 19:25:25

Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer and use it as an index of a string. So it will cause the server to crash due to its index is  out of range. This...

  • EPSS 0.78%
  • Veröffentlicht 07.02.2025 13:15:32
  • Zuletzt bearbeitet 16.07.2025 14:47:38

A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database opera...