Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/06/12 2:52 p.m.9 views

CVE-2026-50011 Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/02/26 9:1 a.m.8 views

Valkey Affected by RESP Protocol Injection via Lua error_reply

...

8.5CVSS5.9AI score0.00586EPSS
Exploits0
Metasploit
Metasploit
added 2023/02/15 7:51 p.m.697 views

GitLab GitHub Repo Import Deserialization RCE

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...

9.9CVSS9AI score0.86194EPSS
Exploits5
0day.today
0day.today
added 2023/02/15 12:0 a.m.373 views

GitLab GitHub Repo Import Deserialization Remote Code Execution Exploit

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...

9.9CVSS9.6AI score0.86194EPSS
Exploits5
Rows per page
Query Builder