Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-32765
HistoryOct 04, 2021 - 9:15 p.m.

Integer overflow

2021-10-0421:15:00
PRIOn knowledge base
www.prio-n.com
7

8.7 High

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.5%

JSON

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk (array-like) replies, hiredis fails to check if count * sizeof(redisReply*) can be represented in SIZE_MAX. If it can not, and the calloc() call doesn’t itself make this check, it would result in a short allocation and subsequent buffer overflow. Users of hiredis who are unable to update may set the maxelements context option to a value small enough that no overflow is possible.

CPENameOperatorVersion
debian_linuxeq9.0
hiredislt1.0.1

Related

nessus 5
nvd 1
cvelist 1
openvas 4
suse 2
rosalinux 2
gentoo 1
fedora 1
debiancve 1
cnvd 1
debian 1
redhatcve 1
alpinelinux 1
cve 1
ubuntucve 1
mageia 1
freebsd 1
osv 2
nessus
nessus
Debian DLA-2783-1 : hiredis - LTS security update
2021-10-12 00:00:00
FreeBSD : hiredis -- integer/buffer overflow (2220827b-c732-11ec-b272-901b0e934d69)
2023-11-06 00:00:00
GLSA-202210-32 : hiredis, hiredis-py: Multiple Vulnerabilities
2022-10-31 00:00:00
nvd
nvd
CVE-2021-32765
2021-10-04 21:15:12
cvelist
cvelist
CVE-2021-32765 Integer Overflow to Buffer Overflow in Hiredis
2021-10-04 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2783-1)
2021-10-13 00:00:00
Fedora: Security Advisory for hiredis (FEDORA-2022-ec83686a30)
2022-01-30 00:00:00
Mageia: Security Advisory (MGASA-2021-0562)
2022-01-28 00:00:00
suse
suse
Security update for hiredis (moderate)
2021-12-09 00:00:00
Security update for hiredis (moderate)
2021-12-06 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2336
2024-02-06 07:40:56
Advisory ROSA-SA-2024-2337
2024-02-06 07:45:40
gentoo
gentoo
hiredis, hiredis-py: Multiple Vulnerabilities
2022-10-31 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: hiredis-0.13.3-17.fc35
2022-01-30 01:44:09
debiancve
debiancve
CVE-2021-32765
2021-10-04 21:15:12
cnvd
cnvd
Redis input validation error vulnerability
2021-10-09 00:00:00
debian
debian
[SECURITY] [DLA 2783-1] hiredis security update
2021-10-12 10:23:31
redhatcve
redhatcve
CVE-2021-32765
2021-10-13 05:14:13
alpinelinux
alpinelinux
CVE-2021-32765
2021-10-04 21:15:00
cve
cve
CVE-2021-32765
2021-10-04 21:15:12
ubuntucve
ubuntucve
CVE-2021-32765
2021-10-04 00:00:00
mageia
mageia
Updated hiredis packages fix security vulnerability
2021-12-19 15:26:08
freebsd
freebsd
hiredis -- integer/buffer overflow
2021-10-04 00:00:00
osv
osv
hiredis - security update
2021-10-12 00:00:00
CVE-2021-32765
2021-10-04 21:15:12

8.7 High

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.5%

JSON
Related for PRION:CVE-2021-32765
nessus5nvd1cvelist1openvas4suse2rosalinux2gentoo1fedora1debiancve1cnvd1debian1redhatcve1alpinelinux1cve1ubuntucve1mageia1freebsd1osv2