Security: redis/redis
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Heap overflow in Redis 7.0 XAUTOCLAIM command's COUNT argument.GHSA-5gc4-76rx-22c9 published
Sep 22, 2022 by yossigoHigh -
Potential heap overflow in Redis 7.0 XAUTOCLAIM command.GHSA-96f7-42fg-2jrh published
Jul 18, 2022 by yossigoHigh -
Heap overflow issue with the Lua cjson and cmsgpack libraries used by RedisGHSA-p8x2-9v9q-c838 published
Jul 10, 2023 by yossigoHigh -
Lua scripts can be manipulated to overcome ACL rulesGHSA-647m-2wmq-qmvq published
Apr 27, 2022 by yossigoLow -
A Malformed Lua script can crash RedisGHSA-3qpw-7686-5984 published
Apr 27, 2022 by yossigoLow -
DEBUG command is dangerous and enabled by defaultGHSA-px78-xgh7-74fw published
Apr 27, 2022 by yossigoModerate -
Integer overflow issue with stringsGHSA-j3cr-9h5g-6cph published
Oct 4, 2021 by yossigoHigh -
Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platformsGHSA-833w-8v3m-8wwr published
Oct 4, 2021 by yossigoHigh -
Integer overflow issues with BITFIELD command on 32-bit systemsGHSA-8wxq-j7rp-g8wj published
Jul 21, 2021 by yossigoHigh -
Integer overflow issue with intsetsGHSA-m3mf-8x9w-r27q published
Oct 4, 2021 by yossigoHigh