OESA-2024-2271 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its...

AZL-50154 CVE-2024-31228 affecting package redis for versions less than 6.2.16-1

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

SUSE CVE-2024-31228

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

GHSA-6VFC-QV3F-VR6C Uncontrolled Resource Consumption in markdown-it

Impact Special patterns with length 50K chars can slow down parser significantly. js const md = require'markdown-it'; md.renderx $' '.repeat150000 x \nx; Patches Upgrade to v12.3.2+ Workarounds No. References Fix + test sample:...

DEBIAN-CVE-2022-21670

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading...

UBUNTU-CVE-2022-21670

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading...