Количество 36
Количество 36
SUSE-SU-2025:03507-1
Security update for redis
SUSE-SU-2025:03506-1
Security update for redis
SUSE-SU-2025:03505-1
Security update for redis
SUSE-SU-2025:03502-1
Security update for valkey
SUSE-SU-2025:03501-1
Security update for redis7
SUSE-SU-2025:03500-1
Security update for redis7
SUSE-SU-2025:03499-1
Security update for valkey
ELSA-2025-19345
ELSA-2025-19345: redis:7 security update (IMPORTANT)
ELSA-2025-19238
ELSA-2025-19238: redis:6 security update (IMPORTANT)
ELSA-2025-19237
ELSA-2025-19237: redis security update (IMPORTANT)
ROS-20251029-06
Множественные уязвимости redis
CVE-2025-46817
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.
CVE-2025-46817
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.
CVE-2025-46817
Lua library commands may lead to integer overflow and potential RCE
CVE-2025-46817
Redis is an open source, in-memory database that persists on disk. Ver ...
BDU:2025-12820
Уязвимость системы управления базами данных (СУБД) Redis, связанная с целочисленным переполнением, позволяющая нарушителю выполнить произвольный код
BDU:2025-01671
Уязвимость компонентов drm/amd/display ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-46818
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.
CVE-2025-46818
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.
CVE-2025-46818
Redis: Authenticated users can execute LUA scripts as a different user
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2025:03507-1 Security update for redis | 25 дней назад | ||
| SUSE-SU-2025:03506-1 Security update for redis | 25 дней назад | ||
| SUSE-SU-2025:03505-1 Security update for redis | 25 дней назад | ||
| SUSE-SU-2025:03502-1 Security update for valkey | 26 дней назад | ||
| SUSE-SU-2025:03501-1 Security update for redis7 | 26 дней назад | ||
| SUSE-SU-2025:03500-1 Security update for redis7 | 26 дней назад | ||
| SUSE-SU-2025:03499-1 Security update for valkey | 26 дней назад | ||
| ELSA-2025-19345 ELSA-2025-19345: redis:7 security update (IMPORTANT) | 4 дня назад | ||
| ELSA-2025-19238 ELSA-2025-19238: redis:6 security update (IMPORTANT) | 5 дней назад | ||
| ELSA-2025-19237 ELSA-2025-19237: redis security update (IMPORTANT) | 5 дней назад | ||
 | ROS-20251029-06 Множественные уязвимости redis | CVSS3: 9.9 | 6 дней назад | |
 | CVE-2025-46817 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. | CVSS3: 7 | 29% Средний | около 1 месяца назад |
 | CVE-2025-46817 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. | CVSS3: 7 | 29% Средний | около 1 месяца назад |
 | CVE-2025-46817 Lua library commands may lead to integer overflow and potential RCE | CVSS3: 7 | 29% Средний | 25 дней назад |
| CVE-2025-46817 Redis is an open source, in-memory database that persists on disk. Ver ... | CVSS3: 7 | 29% Средний | около 1 месяца назад |
 | BDU:2025-12820 Уязвимость системы управления базами данных (СУБД) Redis, связанная с целочисленным переполнением, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 29% Средний | около 1 месяца назад |
| BDU:2025-01671 Уязвимость компонентов drm/amd/display ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.5 | 0% Низкий | больше 1 года назад |
| CVE-2025-46818 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families. | CVSS3: 6 | 4% Низкий | около 1 месяца назад |
| CVE-2025-46818 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families. | CVSS3: 6 | 4% Низкий | около 1 месяца назад |
| CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user | CVSS3: 6 | 4% Низкий | 25 дней назад |
Уязвимостей на страницу