Redislabs

Redis

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-21468

  • EPSS 0.5%
  • Published 20.09.2021 16:15:09
  • Last modified 21.11.2024 05:12:35

A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7

7.5

CVE-2021-32761

  • EPSS 0.63%
  • Published 21.07.2021 21:15:07
  • Last modified 21.11.2024 06:07:41

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BI...

8.8

CVE-2021-32625

  • EPSS 1.57%
  • Published 02.06.2021 20:15:07
  • Last modified 21.11.2024 06:07:24

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and pot...

8.8

CVE-2021-29478

  • EPSS 2.49%
  • Published 04.05.2021 16:15:07
  • Last modified 21.11.2024 06:01:13

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code ex...

8.8

CVE-2021-29477

  • EPSS 2.02%
  • Published 04.05.2021 16:15:07
  • Last modified 21.11.2024 06:01:13

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and po...

5.3

CVE-2021-3470

  • EPSS 0.67%
  • Published 31.03.2021 14:15:20
  • Last modified 21.11.2024 06:21:37

A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does ...

8.8

CVE-2021-21309

  • EPSS 0.47%
  • Published 26.02.2021 22:15:19
  • Last modified 21.11.2024 05:47:59

Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Re...

7.7

CVE-2020-14147

  • EPSS 0.27%
  • Published 15.06.2020 18:15:14
  • Last modified 21.11.2024 05:02:44

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly ...

5.5

CVE-2013-0180

  • EPSS 0.05%
  • Published 01.11.2019 19:15:10
  • Last modified 21.11.2024 01:47:00

Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.

5.5

CVE-2013-0178

  • EPSS 0.14%
  • Published 01.11.2019 19:15:10
  • Last modified 21.11.2024 01:47:00

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.