CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-41053 – Redis SORT_RO may bypass ACL configuration
https://notcve.org/view.php?id=CVE-2023-41053
06 Sep 2023 — Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/redis/redis/commit/9e505e6cd842338424e05883521ca1fb7d0f47f6 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 30%CPEs: 5EXPL: 2CVE-2022-24834 – Heap overflow issue with the Lua cjson library used by Redis
https://notcve.org/view.php?id=CVE-2022-24834
13 Jul 2023 — Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20. A heap-based buffer overflow flaw was found in Redis. • https://github.com/convisolabs/CVE-2022-24834 • CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 9.0EPSS: 90%CPEs: 3EXPL: 0CVE-2023-36824 – Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis
https://notcve.org/view.php?id=CVE-2023-36824
11 Jul 2023 — Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially ... • https://github.com/redis/redis/releases/tag/7.0.12 • CWE-122: Heap-based Buffer Overflow CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31655
https://notcve.org/view.php?id=CVE-2023-31655
18 May 2023 — redis v7.0.10 was discovered to contain a segmentation violation. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. • https://github.com/RedisLabs/redisraft/issues/608 •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28856 – `HINCRBYFLOAT` can be used to crash a redis-server process
https://notcve.org/view.php?id=CVE-2023-28856
18 Apr 2023 — Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue. • https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •