CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28856 – `HINCRBYFLOAT` can be used to crash a redis-server process
https://notcve.org/view.php?id=CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue. • https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c https://github.com/redis/redis/pull/11149 https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6 https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6 https://lists.fedoraproject. • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25155 – Integer Overflow in several Redis commands can lead to denial of service.
https://notcve.org/view.php?id=CVE-2023-25155
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. • https://github.com/redis/redis/commit/2a2a582e7cd99ba3b531336b8bd41df2b566e619 https://github.com/redis/redis/releases/tag/6.0.18 https://github.com/redis/redis/releases/tag/6.2.11 https://github.com/redis/redis/releases/tag/7.0.9 https://github.com/redis/redis/security/advisories/GHSA-x2r7-j9vw-3w83 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36021 – Redis string pattern matching can be abused to achieve Denial of Service
https://notcve.org/view.php?id=CVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. • https://github.com/redis/redis/commit/dcbfcb916ca1a269b3feef86ee86835294758f84 https://github.com/redis/redis/security/advisories/GHSA-jr7j-rfj5-8xqv • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-3647 – Redis Crash Report debug.c sigsegvHandler denial of service
https://notcve.org/view.php?id=CVE-2022-3647
** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. The exploitability is told to be difficult. • https://github.com/redis/redis/commit/0bf90d944313919eb8e63d3588bf63a367f020a3 https://vuldb.com/?ctiid.211962 https://vuldb.com/?id.211962 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2022-24736 – A Malformed Lua script can crash Redis
https://notcve.org/view.php?id=CVE-2022-24736
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules. Redis es una base de datos en memoria que persiste en el disco. • https://github.com/redis/redis/pull/10651 https://github.com/redis/redis/releases/tag/6.2.7 https://github.com/redis/redis/releases/tag/7.0.0 https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX https://lists.fedoraproject.org/archives/list/ • CWE-476: NULL Pointer Dereference •