28 matches found
CVE-2026-33615
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
EUVD-2026-18176
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
CVE-2026-33615
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
CVE-2026-33615
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
CVE-2026-33615
The CVE-2026-33615 entry concerns MB connect line mbCONNECT24 with an unauthenticated SQL injection in the setinfo endpoint. The issue arises from improper neutralization in a SQL UPDATE command, enabling an attacker with network access (no auth, no user interaction) to compromise integrity and a...
PT-2026-29712
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
SUSE-SU-2026:0383-1 Security update for rekor
This update for rekor fixes the following issues: Security fixes: - CVE-2025-58058: Fixed github.com/ulikunitz/xz leaks memory bsc1248910 - CVE-2025-29923: Fixed potential out of order responses when CLIENT SETINFO times out during connection establishment bsc1241153 Other fixes: - Update to...
go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
...
SUSE CVE-2025-29923
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
Unexpected Status Code Or Return Value
go-redis is vulnerable to Unexpected Status Code or Return Value. The vulnerability is due to improper request handling due to timeouts in the CLIENT SETINFO command during connection establishment, leading to incorrect command responses and potential data inconsistency...
GO-2025-3540 Potential out of order responses when CLIENT SETINFO times out during connection establishment in github.com/redis/go-redis
Potential out of order responses when CLIENT SETINFO times out during connection establishment in github.com/redis/go-redis...
go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
Impact The issue only occurs when the CLIENT SETINFO command times out during connection establishment. The following circumstances can cause such a timeout: 1. The client is configured to transmit its identity. This can be disabled via the DisableIndentity flag. 2. There are network connectivity...
GHSA-92CP-5422-2MW7 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
Impact The issue only occurs when the CLIENT SETINFO command times out during connection establishment. The following circumstances can cause such a timeout: 1. The client is configured to transmit its identity. This can be disabled via the DisableIndentity flag. 2. There are network connectivity...
AZL-59192 CVE-2025-29923 affecting package keda for versions less than 2.14.1-5
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
AZL-59156 CVE-2025-29923 affecting package telegraf 1.31.0-15
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
UBUNTU-CVE-2025-29923
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...
Redis client for Go 输入验证错误漏洞
Redis client for Go is a Redis Go client for the Redis open source. An input validation error vulnerability exists in Redis client for Go, which stems from a CLIENT SETINFO timeout that can cause responses to be out of order, which can affect the response to connection and pipeline commands...