CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47003
https://notcve.org/view.php?id=CVE-2023-47003
16 Nov 2023 — An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted. Un problema en RedisGraph v.2.12.10 permite a un atacante ejecutar código arbitrario y provocar una denegación de servicio a través de una cadena manipulada en DataBlock_ItemIsDeleted. • https://github.com/RedisGraph/RedisGraph/issues/3063 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47004
https://notcve.org/view.php?id=CVE-2023-47004
06 Nov 2023 — Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication. La vulnerabilidad de desbordamiento del búfer en Redis RedisGraph v.2.x a v.2.12.8 y corregida en v.2.12.9 permite a un atacante ejecutar código arbitrario a través de la lógica del código después de una autenticación válida. • https://github.com/RedisGraph/RedisGraph/issues/3178 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21468
https://notcve.org/view.php?id=CVE-2020-21468
20 Sep 2021 — A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7 ** EN DISPUTA ** Un fallo de segmentación en el componente redis-server de Redis 5.0.7 conduce a una denegación de servicio (DOS). NOTA: el proveedor no puede reproducir este problema en una versión liberada, como la 5.0.7 • http://redis.com •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-32761 – Integer overflow issues with *BIT commands on 32-bit systems
https://notcve.org/view.php?id=CVE-2021-32761
21 Jul 2021 — Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a... • https://github.com/redis/redis/security/advisories/GHSA-8wxq-j7rp-g8wj • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-32625 – Redis vulnerability in STRALGO LCS on 32-bit systems
https://notcve.org/view.php?id=CVE-2021-32625
02 Jun 2021 — Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL con... • https://github.com/redis/redis/releases/tag/6.0.14 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29478 – Vulnerability in the COPY command for large intsets
https://notcve.org/view.php?id=CVE-2021-29478
04 May 2021 — Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly affected by this issue. The problem is fixed in version 6.2.3. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `set-max-intset-... • https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-29477 – Vulnerability in the STRALGO LCS command
https://notcve.org/view.php?id=CVE-2021-29477
04 May 2021 — Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution. The problem is fixed in version 6.2.3 and 6.0.13. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the `STRALGO LC... • https://github.com/redis/redis/security/advisories/GHSA-vqxj-26vj-996g • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3470
https://notcve.org/view.php?id=CVE-2021-3470
31 Mar 2021 — A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc. Se encontró un problema de desbordamiento de pila en Redis en las versiones anteriores a 5.0.10, versiones anteriores a 6.0.9 y versiones anteriores a 6.2.0, cuando se usaba un asignador de... • https://bugzilla.redhat.com/show_bug.cgi?id=1943623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21309 – Integer overflow on 32-bit systems
https://notcve.org/view.php?id=CVE-2021-21309
26 Feb 2021 — Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. By default, it is 512MB which is a safe value for all platforms. If the limit is significantly increased, receiving a large request from a client may trigger several integer ov... • https://github.com/redis/redis/commit/c992857618db99776917f10bf4f2345a5fdc78b0 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35668
https://notcve.org/view.php?id=CVE-2020-35668
23 Dec 2020 — RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced. RedisGraph versiones 2.x hasta 2.2.11, presenta una desreferencia del puntero NULL que conlleva a un bloqueo del servidor porque maneja inapropiadamente una cadena sin comillas, tal y como un alias que aún no ha sido introducido • https://github.com/RedisGraph/RedisGraph/issues/1502 • CWE-476: NULL Pointer Dereference •