VYPR
Vendor

RedisBloom

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2024-55656HigJan 8, 2025
    risk 0.51cvss 8.8epss 0.15

    RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the…

  • CVE-2026-25589HigMay 5, 2026
    risk 0.50cvss 8.8epss 0.01

    RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a…

  • CVE-2024-25115HigApr 9, 2024
    risk 0.39cvss 7.0epss 0.00

    RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticated users to perform heap overflow, which may lead to remote code execution. The…

  • CVE-2024-25116MedApr 9, 2024
    risk 0.29cvss 5.5epss 0.00

    RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, authenticated users can use the `CF.RESERVE` command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed…