Security: redis/redis
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Redis Unix-domain socket may be exposed with the wrong permissions for a short time window.GHSA-ghmp-889m-7cvx published
Oct 18, 2023 by yossigoLow -
Certain sequence of payloads may lead to remote code executionGHSA-xr47-pcmx-fq2m published
Jan 9, 2024 by yossigoHigh -
Redis SORT_RO may bypass ACL configurationGHSA-q4jr-5p56-4xwc published
Sep 6, 2023 by yossigoLow -
Heap overflow in COMMAND GETKEYS and ACL evaluationGHSA-4cfx-h9gq-xpx3 published
Jul 10, 2023 by yossigoHigh -
HINCRBYFLOAT can be used to crash a redis-server processGHSA-hjv8-vjf6-wcr6 published
Apr 18, 2023 by yossigoModerate -
Specially crafted MSETNX command can lead to denial-of-serviceGHSA-mvmm-4vq6-vw8c published
Mar 20, 2023 by oranagraModerate -
Integer Overflow in several Redis commands can lead to denial of service.GHSA-x2r7-j9vw-3w83 published
Feb 28, 2023 by yossigoModerate -
Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands may lead to denial-of-serviceGHSA-r8w2-2m53-gprj published
Jan 20, 2023 by yossigoModerate -
Redis string pattern matching can be abused to achieve Denial of ServiceGHSA-jr7j-rfj5-8xqv published
Feb 28, 2023 by yossigoModerate -
Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panicGHSA-mrcw-fhw9-fj8j published
Jan 20, 2023 by yossigoModerate