Search CVE reports
1 – 10 of 13 results
Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming...
1 affected package
valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| valkey | Needs evaluation | Not in release | — | — |
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might...
1 affected package
valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| valkey | Needs evaluation | Not in release | — | — |
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially...
1 affected package
valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| valkey | Needs evaluation | Not in release | — | — |
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free...
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| redis | Fixed | Fixed | Fixed | Fixed |
| valkey | Fixed | Not in release | — | — |
Some fixes available 3 of 13
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 13
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 5
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Fixed | Not in release | — | — |
| redis | Not affected | Not affected | Not affected | Not affected |
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Needs evaluation | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write...
3 affected packages
redict, valkey, redis
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | — | — |
| valkey | Needs evaluation | Not in release | — | — |
| redis | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 3 of 16
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
3 affected packages
redict, redis, valkey
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redict | Not in release | Not in release | Not in release | — |
| redis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| valkey | Fixed | Not in release | Not in release | — |