Lucene search

K

Veracode Vulnerability DatabaseVERACODE:32370

HistoryOct 05, 2021 - 5:12 a.m.

Remote Code Execution (RCE)

2021-10-0505:12:59

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

20

0.009 Low

EPSS

Percentile

82.6%

Redis is vulnerable to remote code execution. The vulnerability exists due to an integer overflow in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution.

CPENameOperatorVersion
redis:3.14eq6.2.5-r0
redis:3.14eq6.2.4-r0
redis:3.12eq5.0.9-r0
redis:3.12eq5.0.13-r0
redis:3.12eq5.0.11-r0
redis:3.13eq6.0.15-r0
redis:3.13eq6.0.11-r0
redis:3.13eq6.0.14-r0
redis:3.11eq5.0.13-r0
redis:3.11eq5.0.7-r0

Rows per page:

1-10 of 741

References

github.com/redis/redis/commit/c6ad876774f3cc11e32681ea02a2eead00f2c521

github.com/redis/redis/security/advisories/GHSA-j3cr-9h5g-6cph

lists.fedoraproject.org/archives/list/[email protected]/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/

lists.fedoraproject.org/archives/list/[email protected]/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/

lists.fedoraproject.org/archives/list/[email protected]/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/

secdb.alpinelinux.org/edge/main.yaml

secdb.alpinelinux.org/v3.11/main.yaml

secdb.alpinelinux.org/v3.12/main.yaml

secdb.alpinelinux.org/v3.13/main.yaml

secdb.alpinelinux.org/v3.14/main.yaml

security.gentoo.org/glsa/202209-17

security.netapp.com/advisory/ntap-20211104-0003/

www.debian.org/security/2021/dsa-5001

www.oracle.com/security-alerts/cpuapr2022.html

0.009 Low

EPSS

Percentile

82.6%

Related for VERACODE:32370

debiancve1 osv9 nvd1 prion1 cve1 redhatcve1 cvelist1 cbl_mariner2 alpinelinux1 ubuntucve1 openvas10 almalinux2 nessus21 oraclelinux2 redhat11 debian2 rocky2 ibm5 fedora3 mageia1 freebsd1 suse1 ubuntu1 photon3 gentoo1 oracle1