Important: redis6

Issue Overview: Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not...

CVE-2024-46981 affecting package redis for versions less than 6.2.17-1

CVE-2024-46981 affecting package redis for versions less than 6.2.17-1. An upgraded version of the package is available that resolves this issue...

Important: redis

Issue Overview: Denial-of-service due to unbounded pattern matching CVE-2024-31228 Lua library commands may be exploited by an authenticated user to achieve remote-code-execution CVE-2024-31449 Affected Packages: redis Note: This advisory is applicable to Amazon Linux 2 - Redis6 Extra. Visit this...

CVE-2022-35977 Integer overflow in certain command arguments can drive Redis to OOM panic

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTRO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory OOM panic. The problem is fixe...

OPENSUSE-SU-2021:2294-1 Security update for redis

This update for redis fixes the following issues: - Upgrade to 6.0.14 - CVE-2021-32625: An integer overflow bug could be exploited by using the STRALGO LCS command to cause remote remote code execution bsc1186722 - Fix crash in UNLINK on a stream key with deleted consumer groups - SINTERSTORE: Ad...