366 matches found
Fedora: Security Advisory for redis (FEDORA-2023-8a9087f089)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: redis-7.0.14-1.fc38
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
[SECURITY] Fedora 37 Update: redis-7.0.14-1.fc37
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
Amazon Linux 2 : redis (ALASREDIS6-2023-007)
The version of redis installed on the remote host is prior to 6.2.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-007 advisory. Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts...
Amazon Linux 2 : redis (ALASREDIS6-2023-002)
The version of redis installed on the remote host is prior to 6.2.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2023-002 advisory. A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executin...
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time JIT compiler for the Lua programming...
[SECURITY] Fedora 37 Update: redis-7.0.13-1.fc37
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
[SECURITY] Fedora 38 Update: redis-7.0.13-1.fc38
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3407-1 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overfl...
OESA-2023-1458 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes,lists, sets anorted sets. Security Fixes: Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflo...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2924-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2924-1 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap...
Fedora 38 : redis (2023-c406ba1ff6)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c406ba1ff6 advisory. Redis 7.0.12 - Released Mon July 10 12:00:00 IDT 2023 Upgrade urgency SECURITY: See security fixes below. Security Fixes: CVE-2022-24834 A specially...
Fedora 37 : redis (2023-800612d23a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-800612d23a advisory. Redis 7.0.12 - Released Mon July 10 12:00:00 IDT 2023 Upgrade urgency SECURITY: See security fixes below. Security Fixes: CVE-2022-24834 A specially...
ALPINE-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
DEBIAN-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
AZL-27477 CVE-2022-24834 affecting package redis for versions less than 6.2.13-2
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
Null pointer dereference
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
UBUNTU-CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
CVE-2022-24834 Heap overflow issue with the Lua cjson library used by Redis
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...