Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 30 of 62 results


CVE-2022-35951

Medium priority
Ignored

Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-31144

Medium priority
Ignored

Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-33105

Medium priority
Ignored

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-24736

Medium priority
Vulnerable

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-24735

Medium priority
Needs evaluation

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with...

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-0543

Medium priority
Fixed

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Fixed Not affected Not affected
Show less packages

CVE-2021-43519

Low priority
Needs evaluation

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

45 affected packages

ardour, bam, blobby, ceph, darktable...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ardour Not affected Not affected Not affected Not affected Not affected
bam Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blobby Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ceph Not affected Not affected Not affected Not affected Not affected
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
eja Not in release Needs evaluation Needs evaluation Needs evaluation Ignored
emscripten Needs evaluation Needs evaluation Needs evaluation Needs evaluation
enigma Not affected Not affected Not affected Not affected Not affected
freeciv Not affected Not affected Not affected Not affected Not affected
freedroidrpg Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
fs-uae Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
golly Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
grub2 Not affected Not affected Not affected Not affected Not affected
gtk2-engines Not affected Not affected Not affected Not affected Not affected
haskell-hslua Not affected Not affected Not affected Not affected Not affected
hedgewars Not affected Not affected Not affected Not affected Not affected
lua5.1 Not affected Not affected Not affected Not affected Not affected
lua5.2 Not affected Not affected Not affected Not affected Not affected
lua5.3 Not affected Not affected Not affected Not affected Not affected
lua5.4 Not affected Not affected Not in release Not in release Not in release
lua50 Not in release Not in release Not affected Not affected Not affected
luajit Not affected Not affected Not affected Not affected Not affected
mame Not affected Not affected Not affected Not affected Not affected
naev Needs evaluation Needs evaluation Needs evaluation Ignored
openscenegraph Not affected Not affected Not affected Not affected Not affected
redis Not affected Not affected Not affected Not affected Not affected
rust-lua52-sys Needs evaluation Needs evaluation Needs evaluation Ignored
scite Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scorched3d Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scummvm Not affected Not affected Not affected Not affected Not affected
spring Not affected Not affected Not affected Not affected Not affected
syslinux Not affected Not affected Not affected Not affected Not affected
syslinux-legacy Not in release Not in release Not affected Not affected Not affected
tagua Not affected Not affected Not affected Not affected Not affected
tarantool Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
tup Needs evaluation Needs evaluation Needs evaluation Ignored
ufoai Not affected Not affected Not affected Not affected Not affected
vifm Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
wcc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
wesnoth Ignored
widelands Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmoto Not affected Not affected Not affected Not affected Not affected
zfs-linux Not affected Not affected Not affected Not affected Not affected
Show all 45 packages Show less packages

CVE-2021-32765

Medium priority
Vulnerable

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing...

1 affected packages

hiredis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hiredis Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2021-41099

Medium priority

Some fixes available 2 of 4

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution....

1 affected packages

redis

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redis Not affected Not affected Fixed Fixed Not affected
Show less packages

CVE-2021-32762

Negligible priority
Needs evaluation

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies....

7 affected packages

discque, hiredis, nginx, python-hiredis, redis...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
discque Not in release Not in release Not in release Not in release Ignored
hiredis Not affected Not affected Not affected Not affected Needs evaluation
nginx Not affected Not affected Not affected Not affected Not affected
python-hiredis Not affected Not affected Not affected Not affected Needs evaluation
redis Not affected Not affected Not affected Not affected Needs evaluation
rspamd Not affected Not affected Not affected Not in release Ignored
webdis Not affected Not affected Not affected Not in release Needs evaluation
Show all 7 packages Show less packages