421 matches found
Amazon Linux 2 : redis (ALASREDIS6-2023-002)
The version of redis installed on the remote host is prior to 6.2.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2023-002 advisory. A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executin...
Important: redis
Issue Overview: A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executing a specially crafted Lua script in Redis. This attack triggers a heap overflow in the cjson and cmsgpack libraries, resulting in heap corruption and...
SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3407-1 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overfl...
Mageia: Security Advisory (MGASA-2023-0246)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated redis packages fix security vulnerability
A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. CVE-2022-24834...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-291)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-291 advisory. A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executing a specially crafted Lua script in Redis. This attack triggers a heap...
Remote Code Execution (RCE)
redis is vulnerable to Remote Code Execution RCE. This vulnerability occurs due to a flaw in the way that Redis handles cJSON and cmsgpack libraries. An attacker can exploit this vulnerability to cause Redis to crash or to execute arbitrary code...
OESA-2023-1458 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes,lists, sets anorted sets. Security Fixes: Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflo...
Heap overflow issue with the Lua cjson library used by Redis
...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2924-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2924-1 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap...
SUSE-SU-2023:2924-1 Security update for redis
This update for redis fixes the following issues: - CVE-2022-24834: Fixed heap overflow in the cjson and cmsgpack libraries bsc1213193...
Fedora 38 : redis (2023-c406ba1ff6)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c406ba1ff6 advisory. Redis 7.0.12 - Released Mon July 10 12:00:00 IDT 2023 Upgrade urgency SECURITY: See security fixes below. Security Fixes: CVE-2022-24834 A specially...
ALPINE-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
DEBIAN-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
AZL-27477 CVE-2022-24834 affecting package redis for versions less than 6.2.13-2
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
Null pointer dereference
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
UBUNTU-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
CVE-2022-24834 Heap overflow issue with the Lua cjson library used by Redis
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...