Количество 32
Количество 32
CVE-2025-27151
Redis is an open source, in-memory database that persists on disk. In ...
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. Fro ...
SUSE-SU-2025:02190-1
Security update for redis
ROS-20250710-06
Уязвимость redis
BDU:2025-08608
Уязвимость команды redis-check-aof системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код
BDU:2025-08113
Уязвимость сервера системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2025:02231-1
Security update for valkey
SUSE-SU-2025:01942-1
Security update for valkey
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2025-27151 Redis is an open source, in-memory database that persists on disk. In ... | CVSS3: 4.7 | 0% Низкий | 3 месяца назад |
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 7 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 8.8 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 7 | 0% Низкий | около 1 месяца назад |
 | CVSS3: 7 | 0% Низкий | 15 дней назад | |
| CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. Fro ... | CVSS3: 7 | 0% Низкий | около 1 месяца назад |
 | SUSE-SU-2025:02190-1 Security update for redis | 0% Низкий | около 1 месяца назад | |
 | ROS-20250710-06 Уязвимость redis | CVSS3: 4.7 | 0% Низкий | около 1 месяца назад |
 | BDU:2025-08608 Уязвимость команды redis-check-aof системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код | CVSS3: 4.7 | 0% Низкий | 3 месяца назад |
| BDU:2025-08113 Уязвимость сервера системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код | CVSS3: 7 | 0% Низкий | около 1 месяца назад |
| SUSE-SU-2025:02231-1 Security update for valkey | около 1 месяца назад | ||
| SUSE-SU-2025:01942-1 Security update for valkey | 2 месяца назад |
Уязвимостей на страницу