Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2025-26413
- EPSS 0.34%
- Published 22.04.2025 07:07:49
- Last modified 23.06.2025 19:25:25
Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer and use it as an index of a string. So it will cause the server to crash due to its index is out of range. This...
6.5
CVE-2025-25069
- EPSS 0.62%
- Published 07.02.2025 13:15:32
- Last modified 16.07.2025 14:47:38
A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database opera...
1