Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

51 – 60 of 62 results


CVE-2016-2121

Medium priority

Some fixes available 2 of 6

A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected Not affected Fixed
Show less packages

CVE-2018-11219

Medium priority

Some fixes available 3 of 4

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Fixed Fixed
Show less packages

CVE-2018-11218

Medium priority

Some fixes available 3 of 4

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Fixed Fixed
Show less packages

CVE-2018-12326

Medium priority

Some fixes available 3 of 4

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Fixed Fixed
Show less packages

CVE-2018-12453

Low priority
Ignored

Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected
Show less packages

CVE-2017-1000248

Unknown priority

Some fixes available 1 of 3

Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis

1 affected packages

ruby-redis-store

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ruby-redis-store Not affected Fixed
Show less packages

CVE-2016-10517

Medium priority

Some fixes available 3 of 4

networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Fixed
Show less packages

CVE-2017-15047

Low priority

Some fixes available 1 of 3

The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Fixed
Show less packages

CVE-2016-8339

Medium priority
Ignored

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected
Show less packages

CVE-2013-7458

Medium priority

Some fixes available 2 of 7

linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Fixed
Show less packages