141 matches found
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. In versions prior to 8.0.3, as well as in 7.4.5, 7.2.10, and 6.2.19, an authenticated user could use a specially crafted string to trigger an out-of-bounds write operation on the hyperloglog data structure, potentially leadin...
CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
SUSE CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
DEBIAN-CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
Improper Resource Shutdown or Release
Overview dask is a Parallel PyData with Task Scheduling Affected versions of this package are vulnerable to Improper Resource Shutdown or Release through the computehllarray function in the HLL Handler component. An attacker can cause excessive resource consumption by remotely invoking this...
CVE-2026-10705
CVE-2026-10705 affects dask up to 3.0, specifically the nunique_approx function in dask/dataframe/hyperloglog.py (HLL Handler). The flaw enables resource consumption and is exploitable remotely; attack complexity is reported as high. A fix is pending review (pull request awaiting acceptance). The...
CVE-2026-10705 dask HLL hyperloglog.py nunique_approx resource consumption
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
CVE-2026-10705 dask HLL hyperloglog.py nunique_approx resource consumption
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
EUVD-2026-34064
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
Dask 安全漏洞
Dask is a parallel computing library developed by Dask with task scheduling capabilities. Versions of Dask 3.0 and earlier contained security vulnerabilities, which originated from the function nuniqueapprox in the HLL Handler component located in the file dask/dataframe/hyperloglog.py. These...
PT-2026-45899
A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
Ubuntu 24.04 LTS : Redis vulnerability (USN-8120-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8120-1 advisory. Seunghyun Lee discovered that Redis incorrectly handled memory during hyperloglog operations. An attacker could use this issue to cause a denial of service, or...
USN-8120-1 redis vulnerability
Seunghyun Lee discovered that Redis incorrectly handled memory during hyperloglog operations. An attacker could use this issue to cause a denial of service, or possibly achieve remote code execution...
USN-8120-1: Redis vulnerability
Seunghyun Lee discovered that Redis incorrectly handled memory during hyperloglog operations. An attacker could use this issue to cause a denial of service, or possibly achieve remote code execution...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006176)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006176 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...
Security update for redis (critical)
openSUSE security update: security update for redis ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20121-1 Rating: critical References: bsc1250995 bsc1252996 Cross-References: CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844 CVE-2025-625...
Security Bulletin: Due to the use of Redis, IBM DataPower Gateway is vulnerable to a denial of service
Summary Redis is used in the API Gateway component, and for load balancing. CVE-2025-32023, CVE-2025-48367 Vulnerability Details CVEID:CVE-2025-32023 DESCRIPTION: Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticat...