Search CVE reports
31 – 40 of 74 results
Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Not affected | Not affected |
Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Not affected | Not affected |
Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Not affected | Not affected |
Some fixes available 5 of 7
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Fixed | Fixed | Fixed |
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Vulnerable | Vulnerable | Vulnerable |
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | — | — | Fixed | Not affected |
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
45 affected packages
enigma, freeciv, freedroidrpg, fs-uae, golly...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| enigma | Not affected | Not affected | Not affected | Not affected |
| freeciv | Not affected | Not affected | Not affected | Not affected |
| freedroidrpg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| golly | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| gtk2-engines | Not affected | Not affected | Not affected | Not affected |
| haskell-hslua | Not affected | Not affected | Not affected | Not affected |
| hedgewars | Not affected | Not affected | Not affected | Not affected |
| lua5.1 | Not affected | Not affected | Not affected | Not affected |
| lua5.2 | Not affected | Not affected | Not affected | Not affected |
| lua5.3 | Not affected | Not affected | Not affected | Not affected |
| lua5.4 | Not affected | Not affected | Not in release | Not in release |
| lua50 | Not in release | Not in release | Not affected | Not affected |
| luajit | Not affected | Not affected | Not affected | Not affected |
| mame | Not affected | Not affected | Not affected | Not affected |
| naev | Needs evaluation | Needs evaluation | Needs evaluation | — |
| openscenegraph | Not affected | Not affected | Not affected | Not affected |
| redis | Not affected | Not affected | Not affected | Not affected |
| rust-lua52-sys | Needs evaluation | Needs evaluation | Needs evaluation | — |
| scite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| scorched3d | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| scummvm | Not affected | Not affected | Not affected | Not affected |
| spring | Not affected | Not affected | Not affected | Not affected |
| syslinux | Not affected | Not affected | Not affected | Not affected |
| syslinux-legacy | Not in release | Not in release | Not affected | Not affected |
| tagua | Not affected | Not affected | Not affected | Not affected |
| tarantool | Needs evaluation | Needs evaluation | Needs evaluation | — |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| tup | Needs evaluation | Needs evaluation | Needs evaluation | — |
| ufoai | Not affected | Not affected | Not affected | Not affected |
| vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| wcc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| wesnoth | — | — | — | — |
| widelands | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmoto | Not affected | Not affected | Not affected | Not affected |
| zfs-linux | Not affected | Not affected | Not affected | Not affected |
| ardour | Not affected | Not affected | Not affected | Not affected |
| bam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| blobby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ceph | Not affected | Not affected | Not affected | Not affected |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| eja | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| emscripten | Needs evaluation | Needs evaluation | — | Needs evaluation |
Some fixes available 2 of 4
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution....
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |
A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Needs evaluation | Needs evaluation |