Описание
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 5:4.0.9-1ubuntu0.1 |
| cosmic | not-affected | 5:4.0.11-2 |
| devel | not-affected | 5:4.0.11-2 |
| esm-apps/bionic | released | 5:4.0.9-1ubuntu0.1 |
| esm-apps/xenial | released | 2:3.0.6-1ubuntu0.2 |
| esm-infra-legacy/trusty | released | 2:2.8.4-2ubuntu0.2 |
| precise/esm | DNE | |
| trusty | released | 2:2.8.4-2ubuntu0.2 |
| trusty/esm | released | 2:2.8.4-2ubuntu0.2 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua su ...
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Уязвимость библиотеки cmsgpack подсистемы Lua системы управления базами данных Redis, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
7.5 High
CVSS2
9.8 Critical
CVSS3