24 matches found
RLSA-2025:0693 Important: redis security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
openSUSE: Security Advisory for redis (SUSE-SU-2023:4290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:0200-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM DataPower Gateway vulnerable to unauthorized access in Redis
Summary Redis is used in gateway peering, B2B and rate-limiting. IBM has updated Redis to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45145 DESCRIPTION: Redis could allow a local authenticated attacker to bypass security restrictions, caused by a race condition when a permissi...
Amazon Linux 2023 : redis6 (ALAS2023-2024-513)
The version of redis6 installed on the remote host is prior to 6.2.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-513 advisory. - Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its...
Important: redis6
Issue Overview: Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. CVE-2023-41056...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2024-516)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-516 advisory. Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote...
SUSE SLES15 / openSUSE 15 Security Update : redis7 (SUSE-SU-2024:0200-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0200-1 advisory. - CVE-2023-45145: Fixed a potential permission bypass due to a race condition during UNIX socket creation bsc1216376. Tenable...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
CVE-2023-45145 affecting package redis for versions less than 6.2.14-1
CVE-2023-45145 affecting package redis for versions less than 6.2.14-1. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2023:4376-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : redis (2023-fd75e4f307)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fd75e4f307 advisory. Redis 7.2.2 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order ...
Fedora: Security Advisory (FEDORA-2023-fd75e4f307)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : redis (2023-8a9087f089)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8a9087f089 advisory. Redis 7.0.14 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order...
Fedora 38 : redis (2023-77ed1e26a4)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-77ed1e26a4 advisory. Redis 7.0.14 Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-45145 The wrong order...
Mageia: Security Advisory (MGASA-2023-0301)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0301 Updated redis package fixes a security vulnerability
Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen2 and chmod2 calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...
Updated redis package fixes a security vulnerability
Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen2 and chmod2 calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...
Debian: Security Advisory (DLA-3627-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...