Lucene search
+L

53 matches found

OSV
OSV
added 2025/05/09 12:42 p.m.5 views

OESA-2025-1474 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An...

7.5CVSS7.2AI score0.00843EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/06 5:25 p.m.10 views

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7AI score0.00843EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/06 5:25 p.m.5 views

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients see client-output-buffer-limit...

7.5CVSS7.4AI score0.00843EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/05/03 12:0 a.m.12 views

Fedora 40 : redis (2025-290b0c6e2b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-290b0c6e2b advisory. Redis 7.2.8 Released Wed 23 Apr 2025 12:00:00 IST Update urgency: SECURITY: There are security fixes in the release. Security fixes CVE-2025-21605 An...

7.5CVSS7.3AI score0.00843EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.14 views

Amazon Linux 2 : redis (ALASREDIS6-2025-012)

The version of redis installed on the remote host is prior to 6.2.14-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2025-012 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An...

7.5CVSS7.4AI score0.00843EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.19 views

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-949)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-949 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the serve...

7.5CVSS7.3AI score0.00843EPSS
Exploits0References4
OSV
OSV
added 2025/04/25 7:24 a.m.36 views

BIT-REDIS-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

7.5CVSS7.9AI score0.00843EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/04/24 12:0 a.m.15 views

FreeBSD : redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (af8d043f-20df-11f0-b9c5-000c295725e4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the af8d043f-20df-11f0-b9c5-000c295725e4 advisory. Axel Mierczuk reports: By default, the Redis configuration does not limit the output buffer of normal...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/23 3:38 p.m.23 views

CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

7.5CVSS0.00843EPSS
Exploits0References2
OSV
OSV
added 2025/04/23 3:38 p.m.29 views

CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

7.5CVSS5.1AI score0.00843EPSS
Exploits0References8
CVE
CVE
added 2025/04/23 3:38 p.m.245 views

CVE-2025-21605

CVE-2025-21605 affects Redis where, in versions starting at 2.6 and before 7.4.3, an unauthenticated client can cause unlimited growth of the output buffer, exhausting memory and potentially crashing the server. The issue occurs because Redis’ default client-output-buffer-limit does not cap norma...

7.5CVSS7.9AI score0.00843EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/10/16 5:15 a.m.3 views

CVE-2020-27174

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host...

7.5CVSS5.6AI score0.01741EPSS
Exploits0References5
OSV
OSV
added 2020/09/25 12:0 p.m.35 views

RUSTSEC-2020-0043 Insufficient size checks in outgoing buffer in ws allows remote attacker to run the process out of memory

Affected versions of this crate did not properly check and cap the growth of the outgoing buffer. This allows a remote attacker to take down the process by growing the buffer of their single connection until the process runs out of memory it can allocate and is killed. The flaw was corrected in t...

7.5CVSS7.5AI score0.01336EPSS
Exploits0References3
Rows per page
Query Builder