Lucene search
K

24 matches found

OSV
OSV
added 2025/03/17 8:16 p.m.17 views

RLSA-2025:0693 Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.8CVSS8AI score0.4292EPSS
Exploits4References6
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.30 views

openSUSE: Security Advisory for redis (SUSE-SU-2023:4290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS6AI score0.00444EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.20 views

openSUSE Security Advisory (SUSE-SU-2024:0200-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS4.8AI score0.00444EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/07 3:45 p.m.64 views

Security Bulletin: IBM DataPower Gateway vulnerable to unauthorized access in Redis

Summary Redis is used in gateway peering, B2B and rate-limiting. IBM has updated Redis to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45145 DESCRIPTION: Redis could allow a local authenticated attacker to bypass security restrictions, caused by a race condition when a permissi...

3.6CVSS3.8AI score0.00444EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.59 views

Amazon Linux 2023 : redis6 (ALAS2023-2024-513)

The version of redis6 installed on the remote host is prior to 6.2.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-513 advisory. - Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its...

3.6CVSS6.9AI score0.00444EPSS
Exploits0References4
Amazon
Amazon
added 2024/02/06 12:0 a.m.4 views

Important: redis6

Issue Overview: Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. CVE-2023-41056...

8.1CVSS6.8AI score0.02582EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.52 views

Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2024-516)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-516 advisory. Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote...

8.1CVSS7.4AI score0.02582EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.37 views

SUSE SLES15 / openSUSE 15 Security Update : redis7 (SUSE-SU-2024:0200-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0200-1 advisory. - CVE-2023-45145: Fixed a potential permission bypass due to a race condition during UNIX socket creation bsc1216376. Tenable...

3.6CVSS6.7AI score0.00444EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/12/06 12:0 a.m.128 views

Ubuntu: Security Advisory (USN-6531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.2AI score0.59706EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/12/05 4:35 p.m.501 views

USN-6531-1: Redis vulnerabilities

Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...

8.8CVSS7.5AI score0.59706EPSS
Exploits1
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.14 views

CVE-2023-45145 affecting package redis for versions less than 6.2.14-1

CVE-2023-45145 affecting package redis for versions less than 6.2.14-1. A patched version of the package is available...

3.6CVSS4.4AI score0.00444EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.37 views

Fedora 39 : redis (2023-fd75e4f307)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fd75e4f307 advisory. Redis 7.2.2 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order ...

3.6CVSS7.2AI score0.00444EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/11/07 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2023:4376-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS4.8AI score0.00444EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.17 views

Fedora: Security Advisory (FEDORA-2023-fd75e4f307)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS4.6AI score0.00444EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/26 12:0 a.m.26 views

Fedora 37 : redis (2023-8a9087f089)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8a9087f089 advisory. Redis 7.0.14 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order...

3.6CVSS7.1AI score0.00444EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/26 12:0 a.m.21 views

Fedora 38 : redis (2023-77ed1e26a4)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-77ed1e26a4 advisory. Redis 7.0.14 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order...

3.6CVSS7.1AI score0.00444EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/25 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2023-0301)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS4.4AI score0.00444EPSS
Exploits0References4
OSV
OSV
added 2023/10/24 5:25 p.m.8 views

MGASA-2023-0301 Updated redis package fixes a security vulnerability

Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen2 and chmod2 calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...

3.6CVSS5.3AI score0.00444EPSS
Exploits0References3
Mageia
Mageia
added 2023/10/24 5:25 p.m.36 views

Updated redis package fixes a security vulnerability

Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen2 and chmod2 calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...

3.6CVSS7AI score0.00444EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/24 12:0 a.m.13 views

Debian: Security Advisory (DLA-3627-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS4.4AI score0.00444EPSS
Exploits0References3
Rows per page
Query Builder