3325 matches found
CVE-2020-15945 affecting package lua 5.3.5-9
CVE-2020-15945 affecting package lua 5.3.5-9. This CVE either no longer is or was never applicable...
CVE-2022-33099 affecting package lua 5.3.5-9
CVE-2022-33099 affecting package lua 5.3.5-9. This CVE either no longer is or was never applicable...
FreeBSD : redis,valkey -- Remote code execution valnerability (5f19ac58-cc90-11ef-abed-08002784c58d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5f19ac58-cc90-11ef-abed-08002784c58d advisory. Redis core team reports: An authenticated user may use a specially crafted Lua script to manipulate the...
[SECURITY] Fedora 41 Update: valkey-8.0.2-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Redis Stack Lua Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Redis Stack. Authentication is required to exploit this vulnerability. The specific flaw exists within the Lua module. The issue results from the lack of validating the existence of an object prior t...
BIT-VALKEY-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
BIT-REDIS-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
BIT-KEYDB-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
SUSE CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
CVE-2024-46981
A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution. Mitigation A workaround to mitigate the problem without patching the redis-server executable is to...
CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
DEBIAN-CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
AZL-54969 CVE-2024-46981 affecting package redis for versions less than 6.2.17-1
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
ALPINE-CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
AZL-55286 CVE-2024-46981 affecting package valkey for versions less than 8.0.2-1
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
UBUNTU-CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
CVE-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
CVE-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
CVE-2024-46981
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
CVE-2024-46981
CVE-2024-46981 affects Redis where an authenticated user using a crafted Lua script can manipulate the Lua garbage collector, potentially leading to remote code execution. Affected Redis versions are fixed in 7.4.2, 7.2.7, and 6.2.17; advisories also note an added mitigation: restricting Lua exec...