VYPR

Hiredis

by Redis

CVEs (2)

  • CVE-2020-7105HigJan 16, 2020
    risk 0.49cvss 7.5epss 0.03

    async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.

  • CVE-2021-32765HigOct 4, 2021
    risk 0.00cvss 8.8epss 0.02

    Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check…