Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-0223

Malicious code in bioql PyPI...

6.5CVSS5.9AI score0.01034EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0222

Malicious code in bioql PyPI...

3.7CVSS5.3AI score0.01018EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 4: python-redis (TSSA-2024:0819)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0819 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...

6.5CVSS6.3AI score0.01034EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/15 12:0 a.m.28 views

SUSE SLED15: python-paramiko-doc / python-tqdm-bash-completion / etc (SUSE-SU-2024:1639-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1639-1 advisory. Changes in python-argcomplete - Update to 3.3.0 bsc1222880: Preserve compatibility with argparse...

6.5CVSS6.3AI score0.01034EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.20 views

FreeBSD : py39-redis -- can send response data to the client of an unrelated request (8aa6340d-e7c6-41e0-b2a3-3c9e9930312a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8aa6340d-e7c6-41e0-b2a3-3c9e9930312a advisory. - redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis...

6.5CVSS6.3AI score0.01034EPSS
Exploits0References3
OSV
OSV
added 2023/03/26 9:30 p.m.2 views

GHSA-24WV-MV5M-XV4H redis-py Race Condition vulnerability

redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions fo...

6.3CVSS6.5AI score0.01018EPSS
Exploits0References12
vulnersOsv
vulnersOsv
added 2023/03/26 9:30 p.m.4 views

ad-sdl-wei (>=0.5.1 <=0.5.4), addok (>=1.1.0 <=1.1.0rc2) +143 more potentially affected by CVE-2023-28859 via redis (>=4.2.0 <=4.4.3)

redis PYPI version =4.2.0, =0.5.1, =1.1.0, =1.2.0a20250730, =2.2.1, =22.5.13, =0.1.1, =0.10.0, =0.2.0, =0.5.0, =22.6.0b4, =22.6.0b4, =22.6.0b4, =22.9.5, =23.3.2 and more Source cves: CVE-2023-28859 Source advisory: OSV:GHSA-8FWW-64CX-X8P5...

6.5CVSS6.5AI score0.01034EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/03/26 9:30 p.m.86 views

redis-py Race Condition vulnerability

redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions fo...

3.7CVSS6AI score0.01018EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2023/03/26 12:0 a.m.52 views

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

5.5AI score0.01034EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/03/26 12:0 a.m.8 views

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

5.4AI score0.01034EPSS
Exploits0References5
OSV
OSV
added 2023/03/26 12:0 a.m.31 views

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

6.5CVSS5.7AI score0.01034EPSS
Exploits0References7
CVE
CVE
added 2023/03/26 12:0 a.m.154 views

CVE-2023-28859

CVE-2023-28859 affects redis-py: vulnerable in versions before 4.4.4 and 4.5.x before 4.5.4. The issue leaves a connection open after canceling an async Redis command at an inopportune time, potentially sending response data to the client of an unrelated request (e.g., non-pipeline operations). T...

6.5CVSS5.1AI score0.01034EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2023/03/26 12:0 a.m.41 views

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

6.5CVSS5.3AI score0.01034EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/03/26 12:0 a.m.29 views

py39-redis -- can send response data to the client of an unrelated request

drago-balto reports: redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner...

6.5CVSS6.2AI score0.01034EPSS
Exploits0References1
Rows per page
Query Builder