
29 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 5 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A vulnerability exists starting from version 2.2, and is related to out-of-bounds reads and integer overflow leading to buffer overflow. This vulnerability is present in versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, the Redis BIT...

CVSS 7.5 · AI score 7.5 · EPSS 0.31049
Exploits: 0 · References: 2

AstraLinux
added 2026/05/03 11:59 p.m. · 4 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. In affected versions, an integer overflow bug in Redis can be exploited to corrupt the heap and potentially lead to remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

CVSS 7.5 · AI score 6.8 · EPSS 0.03688
Exploits: 0 · References: 2

AstraLinux
added 2026/05/03 11:59 p.m. · 4 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. An integer overflow bug in the underlying string library can be exploited to corrupt the heap, potentially leading to denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-l...

CVSS 7.5 · AI score 6.9 · EPSS 0.03422
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2021-28238

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 6.1 · EPSS 0.03422
Exploits: 0 · References: 25

BDU FSTEC
added 2023/05/04 12:0 a.m. · 4 views

The vulnerability of NoSQL Redis database management systems, related to integer overflows, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the NoSQL Redis database management system is related to a numerical overflow when changing the proto-max-bulk-len configuration parameter to a high value. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and caus...

CVSS 8.5 · AI score 6.4 · EPSS 0.03422
Exploits: 0 · References: 7 · Affected Software: 3

SUSE CVE
added 2023/02/15 3:40 a.m. · 3 views

SUSE CVE-2021-32761

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT commands are vulnerable to integer overflow that...

CVSS 7.5 · AI score 8.6 · EPSS 0.31049
Exploits: 0 · References: 3

Tenable Nessus
added 2021/11/06 12:0 a.m. · 54 views

Debian DSA-5001-1 : redis - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5001 advisory. Multiple vulnerabilities were discovered in Redis, a persistent key-value database, which could result in denial of service or the execution of arbitrary cod...

CVSS 9 · AI score 7 · EPSS 0.31049
Exploits: 0 · References: 22

RedHat Linux
added 2021/10/25 5:58 p.m. · 5 views

redis: Integer overflow issue with Streams

An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...

CVSS 7.5 · AI score 7.7 · EPSS 0.03688
Exploits: 0 · References: 5

RedHat Linux
added 2021/10/25 1:19 p.m. · 3 views

redis: Integer overflow issue with Streams

An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...

CVSS 7.5 · AI score 7.7 · EPSS 0.03688
Exploits: 0 · References: 5

RedHat Linux
added 2021/10/20 2:0 p.m. · 4 views

redis: Integer overflow issue with strings

An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...

CVSS 7.5 · AI score 7.7 · EPSS 0.03422
Exploits: 0 · References: 5

RedHat Linux
added 2021/10/19 1:52 p.m. · 3 views

redis: Integer overflow issue with strings

An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...

CVSS 7.5 · AI score 7.7 · EPSS 0.03422
Exploits: 0 · References: 5

BDU FSTEC
added 2021/10/13 12:0 a.m. · 5 views

The vulnerability of the configuration parameters `proto-max-bulk-len` and `client-query-buffer-limit` of the Redis database management system allows a hacker to execute arbitrary code.

The vulnerability of the Redis database management system’s configuration parameters, proto-max-bulk-len and client-query-buffer-limit, is related to the possibility of integer overflow in the buffer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 7.5 · AI score 6.9 · EPSS 0.03688
Exploits: 0 · References: 7 · Affected Software: 3

OSV
added 2021/10/04 6:15 p.m. · 3 views

DEBIAN-CVE-2021-41099

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result in denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...

CVSS 7.5 · AI score 6.7 · EPSS 0.03422
Exploits: 0 · References: 1

OSV
added 2021/10/04 6:15 p.m. · 3 views

AZL-6853 CVE-2021-41099 affecting package redis for versions less than 6.2.6-1

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result in denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...

CVSS 7.5 · AI score 7 · EPSS 0.03422
Exploits: 0 · References: 1

OSV
added 2021/10/04 6:15 p.m. · 2 views

DEBIAN-CVE-2021-32627

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result in remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

CVSS 7.5 · AI score 6.7 · EPSS 0.03688
Exploits: 0 · References: 1

OSV
added 2021/10/04 6:15 p.m. · 3 views

ALPINE-CVE-2021-32627

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result in remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

CVSS 7.5 · AI score 8.3 · EPSS 0.03688
Exploits: 0 · References: 1

OSV
added 2021/10/04 6:15 p.m. · 3 views

UBUNTU-CVE-2021-41099

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result in denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...

CVSS 7.5 · AI score 7 · EPSS 0.03422
Exploits: 0 · References: 4

Positive Technologies
added 2021/10/04 12:0 a.m. · 4 views

PT-2021-4341 · Redis +9

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.14; Redis versions prior to 6.0.16; Redis versions prior to 6.2.6. Description: The issue is related to an integer overflow bug in Redis that can be exploited to corrupt the heap and potentially result in remote code...

CVSS 9 · AI score 7 · EPSS 0.31049
Exploits: 3 · References: 137

Positive Technologies
added 2021/10/04 12:0 a.m. · 3 views

PT-2021-7742 · Redis +9

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.14; Redis versions prior to 6.0.16; Redis versions prior to 6.2.6. Description: The issue is related to an integer overflow bug in the underlying string library of Redis, an open-source, in-memory database. This bug c...

CVSS 9 · AI score 7 · EPSS 0.31049
Exploits: 3 · References: 143

BDU FSTEC
added 2021/08/12 12:0 a.m. · 4 views

The vulnerability of the proto-max-bulk-len configuration parameter in the Redis database management system allows a hacker to execute arbitrary code.

The vulnerability of the proto-max-bulk-len configuration parameter in the Redis database management system is related to reading beyond the range and integer overflow of the buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 8.5 · AI score 7 · EPSS 0.31049
Exploits: 0 · References: 11 · Affected Software: 5