Search CVE reports
41 – 50 of 59 results
CVE-2021-21309
Medium prioritySome fixes available 2 of 3
Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with...
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | Not affected | Not affected | Fixed | Not affected |
CVE-2020-14147
Medium priorityAn integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application...
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | Not affected | Not affected | Vulnerable | Not affected | Not affected |
CVE-2020-7105
Medium prioritySome fixes available 1 of 5
async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.
1 affected packages
hiredis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
hiredis | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2013-0180
Low priorityInsecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | — | Not affected |
CVE-2013-0178
Low priorityInsecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | Not affected | Not affected |
CVE-2019-10193
Medium priorityA stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could...
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | Not affected | Not affected |
CVE-2019-10192
Medium prioritySome fixes available 3 of 4
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command,...
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | Fixed | Fixed |
CVE-2016-2121
Medium prioritySome fixes available 2 of 6
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access...
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | Not affected | Not affected | Not affected | Fixed |
CVE-2018-11219
Medium prioritySome fixes available 3 of 4
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | Fixed | Fixed |
CVE-2018-11218
Medium prioritySome fixes available 3 of 4
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
1 affected packages
redis
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
redis | — | — | — | Fixed | Fixed |