30 matches found
TencentOS Server 3: redis (TSSA-2022:0174)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0174 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
BELL-CVE-2021-32675 CVE-2021-32675 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2021-32675
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to user-specified values which determine the number of elements in the multi-bulk header and size of each element in the bulk header. ...
Ubuntu: Security Advisory (USN-5221-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to various attacks due to its use of redis (CVE-2021-32675, CVE-2021-32626, CVE-2021-32672)
Summary Redis is used by several components in IBM Cloud Pak for Multicloud Management Monitoring as an in-memory shared cache database. It is not exposed outside the cluster. Vulnerability Details CVEID: CVE-2021-32672 DESCRIPTION: Redis could allow a remote authenticated attacker to obtain...
Security Bulletin: IBM DataPower Gateway: Update Redis to remediate two CVEs
Summary IBM has addressed the CVEs Vulnerability Details CVEID: CVE-2021-32626 DESCRIPTION: Redis is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By executing specially-crafted Lua scripts, a remote authenticated attacker could overflow a buffer and execute...
CVE-2021-32675 affecting package redis for versions less than 6.2.6-1
CVE-2021-32675 affecting package redis for versions less than 6.2.6-1. An upgraded version of the package is available that resolves this issue...
openSUSE: Security Advisory for redis (openSUSE-SU-2021:3772-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:3772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2021:3772-1 Security update for redis
This update for redis fixes the following issues: - CVE-2021-32627: Fixed integer to heap buffer overflows with streams bsc1191305. - CVE-2021-32628: Fixed integer to heap buffer overflows handling ziplist-encoded data types bsc1191305. - CVE-2021-32687: Fixed integer to heap buffer overflow with...
Debian: Security Advisory (DLA-2810-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5001-1] redis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5001-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2810-1] redis security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2810-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 05, 2021 https://wiki.debian.org/LTS -...
CentOS 8 : redis:5 (CESA-2021:3918)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3918 advisory. - redis: Lua scripts can overflow the heap-based Lua stack CVE-2021-32626 - redis: Integer overflow issue with Streams CVE-2021-32627 - redis: Integer...
RHEL 7 : Red Hat OpenStack Platform 13.0 (redis) (RHSA-2021:3980)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3980 advisory. Redis is an advanced key-value store. Security Fixes: Lua scripts can overflow the heap-based Lua stack CVE-2021-32626 Integer overflow issu...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 10.0 (redis) security update
An update for redis is now available for Red Hat OpenStack Platform 10 Newton. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
CVE-2021-32675 affecting package redis 5.0.5-7
CVE-2021-32675 affecting package redis 5.0.5-7. An upgraded version of the package is available that resolves this issue...
RHEL 8 : redis:6 (RHSA-2021:3945)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3945 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets...
RHEL 8 : redis:5 (RHSA-2021:3946)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3946 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets...
Updated redis packages fix security vulnerability
CVE-2021-32626: Specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. CVE-2021-32627: An integer overflow bug in Redis 5.0 or...