Lucene search
Veracode Vulnerability DatabaseVERACODE:42347HistoryAug 06, 2023 - 4:37 p.m.
Remote Code Execution (RCE)
2023-08-0616:37:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
remote code execution
redis
vulnerability
key handling
arbitrary code
0.002 Low
EPSS
Percentile
61.1%
redis is vulnerable to Remote Code Execution (RCE). This vulnerability occurs due to a flaw in the way that Redis handles key names. An attacker can exploit this vulnerability to cause Redis to crash or to execute arbitrary code.
References
github.com/redis/redis/releases/tag/7.0.12
github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3
lists.fedoraproject.org/archives/list/[email protected]/message/MIF5MAGYARYUMRFK7PQI7HYXMK2HZE5T/
lists.fedoraproject.org/archives/list/[email protected]/message/TDNNH2ONMVNBQ6LUIAOAGDNFPKXNST5K/
security-tracker.debian.org/tracker/CVE-2023-36824
security.netapp.com/advisory/ntap-20230814-0009/
Related
cvelist
cvelist
CVE-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis
2023-07-11 16:16:16
openvas
openvas
Redis 7.0.0 < 7.0.12 Heap Overflow Vulnerability
2023-07-12 00:00:00
Fedora: Security Advisory for redis (FEDORA-2023-c406ba1ff6)
2023-07-20 00:00:00
Fedora: Security Advisory for redis (FEDORA-2023-800612d23a)
2023-07-20 00:00:00
alpinelinux
alpinelinux
CVE-2023-36824
2023-07-11 17:15:13
prion
prion
Design/Logic Flaw
2023-07-11 17:15:00
osv
osv
CVE-2023-36824
2023-07-11 17:15:13
BIT-redis-2023-36824
2024-03-06 11:03:54
redis - security update
2024-01-29 00:00:00
redos
redos
ROS-20230825-04
2023-08-25 00:00:00
redhatcve
redhatcve
CVE-2023-36824
2023-07-12 09:36:20
debiancve
debiancve
CVE-2023-36824
2023-07-11 17:15:13
ubuntucve
ubuntucve
CVE-2023-36824
2023-07-11 00:00:00
freebsd
freebsd
redis -- heap overflow in COMMAND GETKEYS and ACL evaluation
2023-07-10 00:00:00
nessus
nessus
FreeBSD : redis -- heap overflow in COMMAND GETKEYS and ACL evaluation (6fae2d6c-1f38-11ee-a475-080027f5fec9)
2023-07-10 00:00:00
Fedora 38 : redis (2023-c406ba1ff6)
2023-07-19 00:00:00
Fedora 37 : redis (2023-800612d23a)
2023-07-19 00:00:00
cve
cve
CVE-2023-36824
2023-07-11 17:15:13
fedora
fedora
[SECURITY] Fedora 37 Update: redis-7.0.12-1.fc37
2023-07-19 04:21:00
[SECURITY] Fedora 38 Update: redis-7.0.12-1.fc38
2023-07-19 03:14:46
rosalinux
rosalinux
Advisory ROSA-SA-2023-2296
2023-11-21 12:45:37
debian
debian
[SECURITY] [DSA 5610-1] redis security update
2024-01-29 21:15:54
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0427
2023-07-14 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0049
2023-07-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00