
20 matches found

OSV
added 2026/01/30 3:31 p.m., 2 views

CLEANSTART-2026-PO40318 go-redis is the official Redis client library for the Go programming language

Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details...

CVSS 9.8, AI score 5.5, EPSS 0.00158
Exploits: 2, References: 7
OSV
added 2026/01/30 3:30 p.m., 3 views

CLEANSTART-2026-ZO91195 go-redis is the official Redis client library for the Go programming language

Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details...

CVSS 9.8, AI score 5.5, EPSS 0.00158
Exploits: 2, References: 7
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-0743

Malware in sbrugna...

CVSS 7.5, AI score 6.9, EPSS 0.00926
Exploits: 0, References: 7
CNNVD
added 2025/04/07 12:0 a.m., 1 views

Identifier withdrawn

Hiredis is a C client for Redis databases from redis open source. This CVE number has been withdrawn...

AI score 4.8
Exploits: 0, References: 1
NVD
added 2025/03/20 6:15 p.m., 7 views

CVE-2025-29923

go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...

CVSS 3.7, EPSS 0.00158
Exploits: 0, References: 3
OSV
added 2025/03/20 6:3 p.m., 140 views

CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment

go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...

CVSS 3.7, AI score 5.6, EPSS 0.00158
Exploits: 0, References: 5
Debian CVE
added 2025/03/20 6:3 p.m., 6 views

CVE-2025-29923

go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...

CVSS 3.7, AI score 6.1, EPSS 0.00158
Exploits: 0
CNNVD
added 2025/03/20 12:0 a.m., 1 views

Redis client for Go input validation error vulnerability

Redis client for Go is a Redis Go client for the Redis open source. An input validation error vulnerability exists in Redis client for Go, which stems from a CLIENT SETINFO timeout that can cause responses to be out of order, which can affect the response to connection and pipeline commands...

CVSS 3.7, AI score 5.4, EPSS 0.00158
Exploits: 0, References: 4
Snyk
added 2025/03/19 6:42 p.m., 2 views

Unexpected Status Code or Return Value

Overview: Affected versions of this package are vulnerable to Unexpected Status Code or Return Value in initConn, which causes out of order responses when CLIENT SETINFO times out while establishing a connection. Workaround: This vulnerability can be avoided by setting DisableIndentity to true when...

CVSS 6.3, AI score 7, EPSS 0.00158
Exploits: 0, References: 2
NVD
added 2023/10/04 8:15 p.m., 10 views

CVE-2023-42809

Redisson is a Java Redis client that uses the Netty framework. Prior to version 3.22.0, some of the messages received from the Redis server contain Java objects that the client deserializes without further validation. Attackers that manage to trick clients into communicating with a malicious serv...

CVSS 9.6, AI score 9.7, EPSS 0.00944
Exploits: 1, References: 2
SUSE CVE
added 2023/03/29 1:53 a.m., 2 views

SUSE CVE-2023-28858

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 4.3, AI score 9.2, EPSS 0.01488
Exploits: 0, References: 6
PyPA
added 2023/03/26 7:15 p.m., 5 views

PYSEC-2023-46

redis-py through 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time in the case of a non-pipeline operation, and can send response data to the client of an unrelated request. NOTE: this issue exists because of an incomplete fix for CVE-2023-28858...

CVSS 6.5, AI score 7.1, EPSS 0.01488
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2022/06/20 8:22 p.m., 7 views

MAL-2022-6076 Malicious code in sharded-redis-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d865c1c6b738fef08ee9e527bb7d993b8641f48eecfa5a0f06e4ba946a89a2a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1
OSSF Malicious Packages
added 2022/06/20 8:22 p.m., 2 views

Malicious code in sharded-redis-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d865c1c6b738fef08ee9e527bb7d993b8641f48eecfa5a0f06e4ba946a89a2a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1
OSV
added 2021/10/04 9:15 p.m., 1 views

DEBIAN-CVE-2021-32765

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided maliciously crafted or corrupted RESP multi-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if `count * sizeof(redisReply*)`...

CVSS 8.8, AI score 8.4, EPSS 0.00506
Exploits: 0, References: 1
CNNVD
added 2021/10/04 12:0 a.m., 1 views

Hiredis input validation error vulnerability

Hiredis is a C client for Redis databases. Hiredis suffers from a security vulnerability that allows attackers to provide maliciously crafted or corrupted RESP multi-bulk protocol data that can lead to integer overflows. No detailed vulnerability details are currently available...

CVSS 8.8, AI score 5.6, EPSS 0.00506
Exploits: 0, References: 10
OSV
added 2021/04/23 6:15 p.m., 1 views

DEBIAN-CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

CVSS 7.5, AI score 7, EPSS 0.00926
Exploits: 0, References: 1
NVD
added 2021/04/23 6:15 p.m., 18 views

CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

CVSS 7.5, EPSS 0.00926
Exploits: 0, References: 4
Debian CVE
added 2021/04/23 6:10 p.m., 26 views

CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

CVSS 7.5, AI score 6.7, EPSS 0.00926
Exploits: 0
CVE
added 2021/04/23 6:10 p.m., 93 views

CVE-2021-29469

Node-redis (Node.js Redis client) is vulnerable prior to version 3.1.1 due to a regex used to detect monitor messages that can backtrack exponentially, potentially causing a denial of service when a client is in monitoring mode. The issue is fixed in version 3.1.1. Affected context includes IBM a...

CVSS 7.5, AI score 5.9, EPSS 0.00926
Exploits: 0, References: 4, Affected Software: 1