UBUNTU-CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution...

CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution...

CVE-2022-0543

CVE-2022-0543 concerns Redis with a Debian-specific Lua sandbox escape packaging issue that can lead to remote code execution. The vulnerability is described as a Debian packaging problem in Redis, enabling a sandbox escape and potential arbitrary code execution on affected systems. Public adviso...

CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution...

[SECURITY] [DSA 5081-1] redis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2022 https://www.debian.org/security/faq -...

CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution. Recent assessments: NinjaOperator at March 25, 2022 8:04pm UTC reported: Muhstik Gang has been seen exploiting...

PT-2022-1643

Name of the Vulnerable Software and Affected Versions Redis versions prior to the fixed version Debian-specific Redis Server affected versions not specified Description A Lua sandbox escape vulnerability in Redis could result in remote code execution. The issue is related to a packaging problem a...

CVE-2017-11615

A sandbox escape in the Lua interface in Wube Factorio before 0.15.31 allows remote game servers or user-assisted attackers to execute arbitrary C code by including and loading a C library...

Moderate: Red Hat Security Advisory: redis security advisory

Updated redis packages that fix a security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow

An integer-wraparound flaw leading to a stack-based overflow was found in Redis. A user with access to run Lua code in a Redis session could possibly use this flaw to crash the server denial of service or gain code execution outside of the Lua sandbox...

redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow

An integer-wraparound flaw leading to a stack-based overflow was found in Redis. A user with access to run Lua code in a Redis session could possibly use this flaw to crash the server denial of service or gain code execution outside of the Lua sandbox...

openSUSE Security Update : redis (openSUSE-2015-634)

redis was updated to version 2.8.22 boo934048 to fix a LUA sandbox update. CVE-2015-4335 Details can be found on http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-esc ape/ For the other changes see in the package: /usr/share/doc/packages/redis/00-RELEASENOTES %NASLMINLEVEL 70300 ...

redis: Lua sandbox escape and arbitrary code execution

A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system...

Fedora 21 : redis-2.8.21-1.fc21 (2015-9488)

Upstream 2.8.21 RHBZ 1228245 - Fix Lua sandbox escape and arbitrary code execution RHBZ 1228331 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Redis EVAL Lua Sandbox Security Bypass Vulnerability

Redis is an open source memory-based and key-value pair storage the simplest form of database organization database system. Redis has a security vulnerability that allows a remote attacker to bypass certain security restrictions by submitting a special eval command to execute arbitrary Lua byteco...

Debian Security Advisory DSA 3279-1 (redis - security update)

It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code. OpenVAS Vulnerability Test $Id: deb3279.nasl 6609 2017-07-07 12:05:59Z...

Redis < 2.8.21, 3.x < 3.0.2 EVAL Lua Sandbox Escape Vulnerability

It is possible to break out of the Lua sandbox in Redis and execute arbitrary code. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...