CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25155 – Integer Overflow in several Redis commands can lead to denial of service.
https://notcve.org/view.php?id=CVE-2023-25155
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9. • https://github.com/redis/redis/commit/2a2a582e7cd99ba3b531336b8bd41df2b566e619 https://github.com/redis/redis/releases/tag/6.0.18 https://github.com/redis/redis/releases/tag/6.2.11 https://github.com/redis/redis/releases/tag/7.0.9 https://github.com/redis/redis/security/advisories/GHSA-x2r7-j9vw-3w83 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36021 – Redis string pattern matching can be abused to achieve Denial of Service
https://notcve.org/view.php?id=CVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. • https://github.com/redis/redis/commit/dcbfcb916ca1a269b3feef86ee86835294758f84 https://github.com/redis/redis/security/advisories/GHSA-jr7j-rfj5-8xqv • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-35977 – Integer overflow in certain command arguments can drive Redis to OOM panic
https://notcve.org/view.php?id=CVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/redis/redis/commit/1ec82e6e97e1db06a72ca505f9fbf6b981f31ef7 https://github.com/redis/redis/releases/tag/6.0.17 https://github.com/redis/redis/releases/tag/6.2.9 https://github.com/redis/redis/releases/tag/7.0.8 https://github.com/redis/redis/security/advisories/GHSA-mrcw-fhw9-fj8j • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22458 – Integer overflow in multiple Redis commands can lead to denial-of-service
https://notcve.org/view.php?id=CVE-2023-22458
Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02 https://github.com/redis/redis/releases/tag/6.2.9 https://github.com/redis/redis/releases/tag/7.0.8 https://github.com/redis/redis/security/advisories/GHSA-r8w2-2m53-gprj • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3734 – Redis on Windows dbghelp.dll uncontrolled search path
https://notcve.org/view.php?id=CVE-2022-3734
A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. • https://vuldb.com/?id.212416 https://www.cnblogs.com/J0o1ey/p/16829380.html • CWE-426: Untrusted Search Path •