VYPR

apk package

chainguard/redis-cli-7.0

pkg:apk/chainguard/redis-cli-7.0

Vulnerabilities (5)

  • CVE-2023-41056Jan 10, 2024
    affected < 7.0.15-r0fixed 7.0.15-r0

    Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4.

  • CVE-2023-41053Sep 6, 2023
    affected < 7.0.13-r0fixed 7.0.13-r0

    Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or

  • CVE-2022-3734Oct 28, 2022
    affected < 0fixed 0

    A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit

  • CVE-2022-3647Oct 21, 2022
    affected < 0fixed 0

    ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather

  • CVE-2022-0543KEVFeb 18, 2022
    affected < 0fixed 0

    It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.