
CVSS: 5.5 | EPSS: 66% | CPEs: 2 | EXPL: 0

20 Jan 2023 — Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02 • CWE-190: Integer Overflow or Wraparound •

CVSS: 10.0 | EPSS: 0% | CPEs: 2 | EXPL: 0

28 Oct 2022 — A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. • https://vuldb.com/?id.212416 • CWE-426: Untrusted Search Path •

CVSS: 3.3 | EPSS: 0% | CPEs: 2 | EXPL: 1

21 Oct 2022 — ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. Exploitation is reported to be difficult. • https://github.com/redis/redis/commit/0bf90d944313919eb8e63d3588bf63a367f020a3 • CWE-404: Improper Resource Shutdown or Release •

CVSS: 10.0 | EPSS: 80% | CPEs: 2 | EXPL: 0

23 Sep 2022 — Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. This has been patched in Redis version 7.0.5. No known workarounds exist. • https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.0 | EPSS: 8% | CPEs: 1 | EXPL: 1

19 Jul 2022 — Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result in a heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4. • https://github.com/SpiralBL0CK/CVE-2022-31144 • CWE-122: Heap-based Buffer Overflow • CWE-787: Out-of-bounds Write •

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 2

22 Jun 2022 — Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID. Multiple vulnerabilities have been found in Redis, the worst of which could result in arbitrary code execution. Versions less than 7.0.5 are affected. • https://github.com/redis/redis/commit/4a7a4e42db8ff757cdf3f4a824f66426036034ef • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5 | EPSS: 0% | CPEs: 12 | EXPL: 1

27 Apr 2022 — Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause a NULL pointer dereference, which will result in a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules. Redis... • https://github.com/redis/redis/pull/10651 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8 | EPSS: 2% | CPEs: 12 | EXPL: 1

27 Apr 2022 — Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weakne... • https://github.com/redis/redis/pull/10651 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0 | EPSS: 94% | CPEs: 6 | EXPL: 6

18 Feb 2022 — It was discovered that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability... • https://packetstorm.news/files/id/166885 • CWE-862: Missing Authorization •

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

29 Nov 2021 — Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain `$_GET[C('VAR_JSONP_HANDLER')]`, so there is an XSS vulnerability. • https://github.com/happyliu2014/Workerman-ThinkPHP-Redis/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •