4 matches found
Oracle Linux 9 : valkey (ELSA-2026-25925)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25925 advisory. 8.0.9-1 - Rebase to 8.0.9 for CVE-2026-23479 CVE-2026-25243 CVE-2026-23631 Tenable has extracted the preceding description block directly from the...
CLSA-2026-1779351595 Fix CVE(s): CVE-2026-23631
SECURITY UPDATE: Use-after-free in readSyncBulkPayload during fullsync - debian/patches/0015-CVE-2026-23631.patch: guard readSyncBulkPayload in src/replication.c with an early return when server.luatimedout is set, so a fullsync cannot free the Lua scripting engine while a timed-out script is sti...
CVE-2026-23631
Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...
CVE-2026-23631
creationtimestamp| type| source ---|---|--- 2026-05-05 12:03:10+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/redis-security-advisory-av26-423 2026-05-06 14:35:15+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3ml6wd7neux2u 2026-05-07 05:34:51+00:00| seen|...