21 matches found
TencentOS Server 4: redis (TSSA-2024:0037)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0037 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0014: redis:6 (ALINUX3-SA-2025:0014)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24834: Redis is an in-memory...
Linux Distros Unpatched Vulnerability : CVE-2022-36021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to...
openSUSE: Security Advisory for redis7 (SUSE-SU-2023:2925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
Amazon Linux 2 : redis (ALASREDIS6-2023-001)
The version of redis installed on the remote host is prior to 6.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-001 advisory. Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTR...
CVE-2022-36021 affecting package redis 6.2.9-1
CVE-2022-36021 affecting package redis 6.2.9-1. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2023:0693-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-36021 affecting package redis for versions less than 6.2.11-1
CVE-2022-36021 affecting package redis for versions less than 6.2.11-1. An upgraded version of the package is available that resolves this issue...
Redis < 6.0.18, 6.2.x < 6.2.11, 7.0.x < 7.0.9 Multiple Vulnerabilities
Redis is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if description...
Debian dla-3361 : redis - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3361 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3361-1 [email protected] https://www.debian.org/lts/security/...
Updated redis packages fix security vulnerability
Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. CVE-2023-25155 String matching commands like SCAN or KEYS with a specially crafted pattern to trigger a...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:0694-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0694-1 advisory. - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. -...
SUSE-SU-2023:0693-1 Security update for redis
This update for redis fixes the following issues: - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. - CVE-2023-25155: Fixed integer Overflow in RAND commands can lead to assertion bsc1208793...
AZL-13830 CVE-2022-36021 affecting package redis for versions less than 6.2.11-1
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18...
CVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18...
CVE-2022-36021 Redis string pattern matching can be abused to achieve Denial of Service
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18...
CVE-2022-36021 Redis string pattern matching can be abused to achieve Denial of Service
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18...
CVE-2022-36021
CVE-2022-36021 affects Redis: authenticated users can issue string-matching commands (e.g., SCAN or KEYS) with a crafted pattern to trigger a denial-of-service, causing Redis to hang and use 100% CPU. Public advisories in connected documents confirm the issue and document the fixed versions: Redi...