AZL-68360 CVE-2025-46819 affecting package compat-lua 5.1.5-17

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua...

CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...

CVE-2024-31208

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

PT-2021-4401 · Redis +9 · Redis +9

Name of the Vulnerable Software and Affected Versions: Redis versions 2.6 through 6.2.5 Redis versions 6.0.0 through 6.0.15 Redis versions 5.0.0 through 5.0.13 Description: The issue is related to the Lua scripting support in Redis, where specially crafted Lua scripts can cause a heap-based Lua...