Redis@4.0 Security Vulnerabilities and Issues — Redis@4.0 CVE List

Lucene search

RedislabsRedis4.0

3 matches found

CVE•added 2021/02/26 10:15 p.m.•437 views

CVE-2021-21309

Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for th...

8.8CVSS7.5AI score0.00529EPSS

CVE•added 2018/06/17 5:29 p.m.•206 views

CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.

9.8CVSS7.9AI score0.02402EPSS

CVE•added 2018/06/17 5:29 p.m.•193 views

CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

9.8CVSS8.1AI score0.16212EPSS