13 matches found
Alibaba Cloud Linux 3 : 0014: redis:6 (ALINUX3-SA-2025:0014)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24834: Redis is an in-memory...
RHEL 8 : redis:6 (RHSA-2025:0595)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0595 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets...
Linux Distros Unpatched Vulnerability : CVE-2023-22458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Authenticated users can issue a HRANDFIELD or ZRANDMEMBER command with specially crafted arguments to...
openSUSE: Security Advisory for redis (SUSE-SU-2023:0295-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : redis (ALASREDIS6-2023-001)
The version of redis installed on the remote host is prior to 6.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-001 advisory. Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTR...
CBL Mariner 2.0 Security Update: redis (CVE-2023-22458)
The version of redis installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22458 advisory. - Redis is an in-memory database that persists on disk. Authenticated users can issue a HRANDFIELD or ZRANDMEMB...
CVE-2023-22458 affecting package redis for versions less than 6.2.9-1
CVE-2023-22458 affecting package redis for versions less than 6.2.9-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-22458 affecting package redis 6.2.7-2
CVE-2023-22458 affecting package redis 6.2.7-2. A patched version of the package is available...
SUSE-SU-2023:0295-1 Security update for redis
This update for redis fixes the following issues: - CVE-2022-35977: Fixed an integer overflow that could allow authenticated users to cause a crash bsc1207202. - CVE-2023-22458: Fixed a missing check that could allow authenticated users to cause a crash bsc1207203...
Fedora 36 : redis (2023-68ae37fca3)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-68ae37fca3 advisory. Redis 6.2.10 Released Mon Jan 17 12:00:00 IST 2023 Upgrade urgency: MODERATE, a quick followup fix for a recently released 6.2.9. Bug Fixes Revert t...
CVE-2023-22458
CVE-2023-22458 affects Redis: authenticated users can issue HRANDFIELD or ZRANDMEMBER with specially crafted arguments to trigger a denial-of-service via assertion failure. Affected versions are Redis 6.2.x (6.2 up to but not including 6.2.9) and 7.0.x (7.0 up to but not including 7.0.8). Remedia...
CVE-2023-22458 Integer overflow in multiple Redis commands can lead to denial-of-service
Redis is an in-memory database that persists on disk. Authenticated users can issue a HRANDFIELD or ZRANDMEMBER command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not...
FreeBSD : redis -- multiple vulnerabilities (5fa68bd9-95d9-11ed-811a-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5fa68bd9-95d9-11ed-811a-080027f5fec9 advisory. - The Redis core team reports: CVE-2022-35977, CVE-2023-22458 Note that Nessus has not tested...