AZL-68360 CVE-2025-46819 affecting package compat-lua 5.1.5-17

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua...

Updated redis packages fix security vulnerability

Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...

Redis 安全漏洞

Redis Labs Redis is Redis Labs, Inc. is a set of open source written in ANSI C, network-enabled, memory-based can also be persistent log-type, key-value Key-Value storage database, and provides a variety of languages API. A security vulnerability exists in Redis versions 7.0.0 through 7.0.10, 6.2...

UBUNTU-CVE-2023-28425

Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...

SUSE CVE-2023-22458

Redis is an in-memory database that persists on disk. Authenticated users can issue a HRANDFIELD or ZRANDMEMBER command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not...

SUSE-SU-2022:4168-1 Security update for redis

This update for redis fixes the following issues: - CVE-2022-3647: Fixed crash in sigsegvHandler debug function bsc1204633...

Redis Crash Report debug.c sigsegvHandler denial of service

...

A Malformed Lua script can crash Redis

...

AZL-9599 CVE-2022-24736 affecting package redis for versions less than 6.2.7-1

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and...

AZL-45357 CVE-2022-24736 affecting package compat-lua 5.1.5-17

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and...

UBUNTU-CVE-2022-24736

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and...

CVE-2022-24736 A Malformed Lua script can crash Redis

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and...