| Reporter | Title | Published | Views | Family All 93 |
|---|---|---|---|---|
| Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-154) | 4 Apr 202300:00 | – | nessus | |
| Photon OS 4.0: Redis PHSA-2022-4.0-0276 | 23 Jul 202400:00 | – | nessus | |
| Photon OS 5.0: Redis PHSA-2023-5.0-0175 | 24 Jul 202400:00 | – | nessus | |
| RHEL 8 : redis (Unpatched Vulnerability) | 12 Jul 202400:00 | – | nessus | |
| RHEL 9 : redis (Unpatched Vulnerability) | 12 Jul 202400:00 | – | nessus | |
| SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2022:4168-1) | 23 Nov 202200:00 | – | nessus | |
| SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2022:4169-1) | 23 Nov 202200:00 | – | nessus | |
| TencentOS Server 4: redis (TSSA-2024:0037) | 16 Jun 202500:00 | – | nessus | |
| Linux Distros Unpatched Vulnerability : CVE-2022-3647 | 5 Mar 202500:00 | – | nessus | |
| Medium: redis6 | 10 Apr 202300:00 | – | amazon |
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:redis:redis";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.148871");
script_version("2026-06-25T06:55:31+0000");
script_tag(name:"last_modification", value:"2026-06-25 06:55:31 +0000 (Thu, 25 Jun 2026)");
script_tag(name:"creation_date", value:"2022-11-08 10:20:46 +0000 (Tue, 08 Nov 2022)");
script_tag(name:"cvss_base", value:"1.8");
script_tag(name:"cvss_base_vector", value:"AV:A/AC:H/Au:N/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-10-21 18:15:10 +0000 (Fri, 21 Oct 2022)");
script_cve_id("CVE-2022-3647");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"Mitigation");
script_name("Redis <= 7.0.5 DoS Vulnerability");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Databases");
script_dependencies("gb_redis_tcp_detect.nasl");
script_mandatory_keys("redis/detected");
script_tag(name:"summary", value:"Redis is prone to a denial of service (DoS) vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"A vulnerability, which was classified as problematic, was
found in Redis. Affected is the function sigsegvHandler of the file debug.c of the component
Crash Report. The manipulation leads to denial of service.
The real existence of this vulnerability is still doubted at the moment. The name of the
patch is 0bf90d944313919eb8e63d3588bf63a367f020a3. It is recommended to apply a patch to fix
this issue. VDB-211962 is the identifier assigned to this vulnerability.
NOTE: The vendor claims that this is not a DoS because it applies to the crash logging
mechanism which is triggered after a crash has occurred.");
script_tag(name:"affected", value:"Redis version 7.0.5 and prior.");
script_tag(name:"solution", value:"Apply the referenced patch.");
script_xref(name:"URL", value:"https://github.com/redis/redis/pull/11298");
script_xref(name:"URL", value:"https://github.com/redis/redis/commit/0bf90d944313919eb8e63d3588bf63a367f020a3");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (!port = get_app_port(cpe: CPE))
exit(0);
if (!version = get_app_version(cpe: CPE, port: port))
exit(0);
if (version_is_less_equal(version: version, test_version: "7.0.5")) {
report = report_fixed_ver(installed_version: version, fixed_version: "See references");
security_message(port: port, data: report);
exit(0);
}
exit(0);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation