VYPR

RedisGraph

by RedisGraph

CVEs (3)

  • CVE-2023-47003CriNov 16, 2023
    risk 0.64cvss 9.8epss 0.01

    An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted.

  • CVE-2023-47004HigNov 6, 2023
    risk 0.57cvss 8.8epss 0.01

    Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication.

  • CVE-2020-35668HigDec 23, 2020
    risk 0.42cvss 7.5epss 0.02

    RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.