Search CVE reports
41 – 50 of 78 results
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | — | — | Fixed | Not affected |
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
45 affected packages
enigma, freeciv, freedroidrpg, fs-uae, golly...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| enigma | Not affected | Not affected | Not affected | Not affected |
| freeciv | Not affected | Not affected | Not affected | Not affected |
| freedroidrpg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| golly | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| gtk2-engines | Not affected | Not affected | Not affected | Not affected |
| haskell-hslua | Not affected | Not affected | Not affected | Not affected |
| hedgewars | Not affected | Not affected | Not affected | Not affected |
| lua5.1 | Not affected | Not affected | Not affected | Not affected |
| lua5.2 | Not affected | Not affected | Not affected | Not affected |
| lua5.3 | Not affected | Not affected | Not affected | Not affected |
| lua5.4 | Not affected | Not affected | Not in release | Not in release |
| lua50 | Not in release | Not in release | Not affected | Not affected |
| luajit | Not affected | Not affected | Not affected | Not affected |
| mame | Not affected | Not affected | Not affected | Not affected |
| naev | Needs evaluation | Needs evaluation | Needs evaluation | — |
| openscenegraph | Not affected | Not affected | Not affected | Not affected |
| redis | Not affected | Not affected | Not affected | Not affected |
| rust-lua52-sys | Needs evaluation | Needs evaluation | Needs evaluation | — |
| scite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| scorched3d | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| scummvm | Not affected | Not affected | Not affected | Not affected |
| spring | Not affected | Not affected | Not affected | Not affected |
| syslinux | Not affected | Not affected | Not affected | Not affected |
| syslinux-legacy | Not in release | Not in release | Not affected | Not affected |
| tagua | Not affected | Not affected | Not affected | Not affected |
| tarantool | Needs evaluation | Needs evaluation | Needs evaluation | — |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| tup | Needs evaluation | Needs evaluation | Needs evaluation | — |
| ufoai | Not affected | Not affected | Not affected | Not affected |
| vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| wcc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| wesnoth | — | — | — | — |
| widelands | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmoto | Not affected | Not affected | Not affected | Not affected |
| zfs-linux | Not affected | Not affected | Not affected | Not affected |
| ardour | Not affected | Not affected | Not affected | Not affected |
| bam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| blobby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ceph | Not affected | Not affected | Not affected | Not affected |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| eja | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| emscripten | Needs evaluation | Needs evaluation | — | Needs evaluation |
Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing...
1 affected package
hiredis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| hiredis | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 4
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution....
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies....
7 affected packages
discque, hiredis, nginx, python-hiredis, redis...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| discque | Not in release | Not in release | Not in release | Not in release |
| hiredis | Not affected | Not affected | Not affected | Not affected |
| nginx | Not affected | Not affected | Not affected | Not affected |
| python-hiredis | Not affected | Not affected | Not affected | Not affected |
| redis | Not affected | Not affected | Not affected | Not affected |
| rspamd | Not affected | Not affected | Not affected | Not in release |
| webdis | Not affected | Not affected | Not affected | Not in release |
Some fixes available 4 of 6
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |
Some fixes available 4 of 6
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |
Some fixes available 2 of 4
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |
Some fixes available 4 of 6
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code...
1 affected package
redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Not affected | Fixed | Fixed |