Search CVE reports
1 – 10 of 12 results
Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming...
1 affected package
valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| valkey | Needs evaluation | Not in release | — | — |
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially...
1 affected package
valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| valkey | Needs evaluation | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Fixed | Fixed | Fixed | Fixed |
| valkey | Fixed | Not in release | — | — |
Some fixes available 3 of 13
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 13
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 5
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Not affected | Not affected | Not affected | Not affected |
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Needs evaluation | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Needs evaluation | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 16
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | Not in release | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Fixed | Not in release | Not in release | — |
Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | Not in release | — |
| valkey | Needs evaluation | Not in release | Not in release | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |