CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2018-12453 – Redis 5.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2018-12453
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream. Confusión de tipos en la función xgroupCommand en t_stream.c en redis-server en Redis en versiones anteriores a la 5.0 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante un comando XGROUP en el que la clave no es una secuencia. Redis version 5.0 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/44908 https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5 https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10517
https://notcve.org/view.php?id=CVE-2016-10517
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port). networking.c en Redis en versiones anteriores a la 3.2.7 permite Cross Protocol Scripting porque carece de un control para cadenas POST y Host: que no son válidas en el protocolo Redis (pero suele ocurrir cuando un ataque desencadena una petición HTTP al puerto TCP de Redis). • http://www.securityfocus.com/bid/101572 https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50 https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES https://www.reddit.com/r/redis/comments/5r8wxn/redis_327_is_out_important_security_fixes_inside • CWE-254: 7PK - Security Features •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-7458
https://notcve.org/view.php?id=CVE-2013-7458
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. linenoise, tal y como se utiliza en Redis en versiones anteriores a 3.2.3, utiliza permisos accesibles a todos para .rediscli_history, lo que permite a usuarios locales obtener información sensible leyendo el archivo. • http://lists.opensuse.org/opensuse-updates/2016-08/msg00029.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00030.html http://www.debian.org/security/2016/dsa-3634 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832460 https://github.com/antirez/linenoise/issues/121 https://github.com/antirez/linenoise/pull/122 https://github.com/antirez/redis/blob/3.2/00-RELEASENOTES https://github.com/antirez/redis/issues/3284 https://github.com/antirez/redis/pull/1418 ht • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 1CVE-2015-4335 – redis: Lua sandbox escape and arbitrary code execution
https://notcve.org/view.php?id=CVE-2015-4335
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command. Redis anterior a versión 2.8.21 y versiones 3.x y anteriores a 3.0.2, permite a los atacantes remotos ejecutar el código byte Lua arbitrario por medio del comando eval. A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system. • http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162146.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-1676.html http://www.debian.org/security/2015/dsa-3279 http://www.openwall.com/lists/oss-security/2015/06/04/12 http://www.openwall.com/lists/ • CWE-17: DEPRECATED: Code •