15 matches found
Alibaba Cloud Linux 3 : 0014: redis:6 (ALINUX3-SA-2025:0014)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24834: Redis is an in-memory...
Linux Distros Unpatched Vulnerability : CVE-2022-35977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTRO commands can trigger an integer overflow...
[SECURITY] [DLA 3973-1] redis security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3973-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 28, 2024 https://wiki.debian.org/LTS -...
openSUSE: Security Advisory for redis (SUSE-SU-2023:0295-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
Amazon Linux 2 : redis (ALASREDIS6-2023-001)
The version of redis installed on the remote host is prior to 6.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-001 advisory. Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTR...
CVE-2022-35977 affecting package redis for versions less than 6.2.9-1
CVE-2022-35977 affecting package redis for versions less than 6.2.9-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-35977 affecting package redis 6.2.7-2
CVE-2022-35977 affecting package redis 6.2.7-2. A patched version of the package is available...
SUSE-SU-2023:0295-1 Security update for redis
This update for redis fixes the following issues: - CVE-2022-35977: Fixed an integer overflow that could allow authenticated users to cause a crash bsc1207202. - CVE-2023-22458: Fixed a missing check that could allow authenticated users to cause a crash bsc1207203...
SUSE: Security Advisory (SUSE-SU-2023:0274-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : redis (2023-68ae37fca3)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-68ae37fca3 advisory. Redis 6.2.10 Released Mon Jan 17 12:00:00 IST 2023 Upgrade urgency: MODERATE, a quick followup fix for a recently released 6.2.9. Bug Fixes Revert t...
CVE-2022-35977
CVE-2022-35977 affects Redis and is caused by an integer overflow triggered by authenticated users issuing SETRANGE and SORT(_RO) commands, leading Redis to allocate excessive memory and abort with an OOM panic. Affected fixes are available in Redis versions 7.0.8, 6.2.9, and 6.0.17; upgrading to...
CVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTRO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory OOM panic. The problem is fixe...
FreeBSD : redis -- multiple vulnerabilities (5fa68bd9-95d9-11ed-811a-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5fa68bd9-95d9-11ed-811a-080027f5fec9 advisory. - The Redis core team reports: CVE-2022-35977, CVE-2023-22458 Note that Nessus has not tested...