Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-10193

Опубликовано: 11 июл. 2019
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 6.5
CVSS3: 7.2

Описание

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

not-affected

code not present
devel

not-affected

5:5.0.5-1
disco

released

5:5.0.3-4ubuntu0.1
esm-apps/bionic

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%
0.33463
Средний

6.5 Medium

CVSS2

7.2 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-10193

CVSS3: 7.2
redhat
больше 6 лет назад

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

nvd логотип

CVE-2019-10193

CVSS3: 7.2
nvd
больше 6 лет назад

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

debian логотип

CVE-2019-10193

CVSS3: 7.2
debian
больше 6 лет назад

A stack-buffer overflow vulnerability was found in the Redis hyperlogl ...

github логотип

GHSA-7c9p-23p9-r8x2

github
больше 3 лет назад

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

fstec логотип

BDU:2019-03575

CVSS3: 7.2
fstec
больше 6 лет назад

Уязвимость алгоритма HyperLogLog резидентной системы управления базами данных класса NoSQL Redis, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании

EPSS

Процентиль: 97%
0.33463
Средний

6.5 Medium

CVSS2

7.2 High

CVSS3