21 matches found
TencentOS Server 4: redis (TSSA-2024:0037)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0037 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-25155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigge...
openSUSE: Security Advisory for redis7 (SUSE-SU-2023:2925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
Amazon Linux 2 : redis (ALASREDIS6-2023-001)
The version of redis installed on the remote host is prior to 6.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-001 advisory. Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTR...
CVE-2023-25155 affecting package redis 6.2.9-1
CVE-2023-25155 affecting package redis 6.2.9-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service due to Redis (CVE-2023-25155)
Summary A vulnerability in Redis affects IBM Event Streams. Vulnerability Details CVEID:CVE-2023-25155 DESCRIPTION: Redis is vulnerable to a denial of service, caused by an integer overflow. By sending a specially-crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD command, a remote authenticated...
CBL Mariner 2.0 Security Update: redis (CVE-2023-25155)
The version of redis installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25155 advisory. - Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted...
SUSE: Security Advisory (SUSE-SU-2023:0693-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-25155 affecting package redis for versions less than 6.2.11-1
CVE-2023-25155 affecting package redis for versions less than 6.2.11-1. An upgraded version of the package is available that resolves this issue...
Redis < 6.0.18, 6.2.x < 6.2.11, 7.0.x < 7.0.9 Multiple Vulnerabilities
Redis is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if description...
Updated redis packages fix security vulnerability
Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. CVE-2023-25155 String matching commands like SCAN or KEYS with a specially crafted pattern to trigger a...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:0694-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0694-1 advisory. - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. -...
SUSE-SU-2023:0693-1 Security update for redis
This update for redis fixes the following issues: - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. - CVE-2023-25155: Fixed integer Overflow in RAND commands can lead to assertion bsc1208793...
AZL-25354 CVE-2023-25155 affecting package redis for versions less than 6.2.11-1
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...
CVE-2023-25155 Integer Overflow in several Redis commands can lead to denial of service.
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...
CVE-2023-25155 Integer Overflow in several Redis commands can lead to denial of service.
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...
CVE-2023-25155
Redis is affected by CVE-2023-25155 via authenticated SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD usage, which can trigger an integer overflow and cause Redis to terminate due to an assertion. Patches are available in Redis 6.0.18, 6.2.11, and 7.0.9. Upgrading to these versions (or newer) is the adv...
CVE-2023-25155
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...