Lucene search

CVE-2022-24834

🗓️ 13 Jul 2023 15:08:15Reported by Alpine Linux Development TeamType

alpinelinux🔗 security.alpinelinux.org👁 34 Views

Redis heap overflow in cjson library, allows remote code execution, affects authenticated users, fixed in v7.0.12

Reporter	Title	Published	Views	Family All 91
GithubExploit	Exploit for Integer Overflow to Buffer Overflow in Redis	28 Jul 202317:42	–	githubexploit
Veracode	Remote Code Execution (RCE)	6 Aug 202317:09	–	veracode
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2924-1)	21 Jul 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-291)	14 Aug 202300:00	–	nessus
Tenable Nessus	FreeBSD : redis -- Heap overflow in the cjson and cmsgpack libraries (0e254b4a-1f37-11ee-a475-080027f5fec9)	10 Jul 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : redis (ALASREDIS6-2023-002)	27 Sep 202300:00	–	nessus
Tenable Nessus	Fedora 38 : redis (2023-c406ba1ff6)	19 Jul 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)	24 Aug 202300:00	–	nessus
Tenable Nessus	Fedora 37 : redis (2023-800612d23a)	19 Jul 202300:00	–	nessus
Tenable Nessus	Photon OS 4.0: Redis PHSA-2023-4.0-0427	24 Jul 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Alpine	edge-community	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.16-main	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.17-main	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.18-main	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.19-main	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.20-community	noarch	redis	7.0.12-r0	UNKNOWN
Alpine	3.21-community	noarch	redis	7.0.12-r0	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2023 15:15Current

8.2High risk

Vulners AI Score8.2

CVSS37 - 8.8

EPSS0.17595

SSVC