Known Vulnerabilities for products from Redislabs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Redislabs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-47004 json | Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute ... | 8.8 - HIGH | 2023-11-06 | 2023-11-16 |
| CVE-2023-47003 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-11-16 | 2023-11-21 |
| CVE-2021-32761 json | Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to bu... | 7.5 - HIGH | 2021-07-21 | 2023-11-07 |
| CVE-2021-32672 json | Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malforme... | 4.3 - MEDIUM | 2021-10-04 | 2023-11-07 |
| CVE-2021-32625 json | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-06-02 | 2023-11-07 |
| CVE-2021-29478 json | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-05-04 | 2023-11-07 |
| CVE-2021-29477 json | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-05-04 | 2023-11-07 |
| CVE-2021-21309 json | Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 3... | 8.8 - HIGH | 2021-02-26 | 2022-10-19 |
| CVE-2021-3470 json | A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator... | 5.3 - MEDIUM | 2021-03-31 | 2021-04-05 |
| CVE-2020-35668 json | RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted s... | 7.5 - HIGH | 2020-12-23 | 2020-12-28 |
| CVE-2020-21468 json | ** DISPUTED ** A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: th... | 7.5 - HIGH | 2021-09-20 | 2023-11-07 |
| CVE-2020-14147 json | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with perm... | 7.7 - HIGH | 2020-06-15 | 2021-07-30 |
| CVE-2020-7105 json | async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values ar... | 7.5 - HIGH | 2020-01-16 | 2023-11-07 |
| CVE-2019-10193 json | A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x befor... | 7.2 - HIGH | 2019-07-11 | 2021-10-28 |
| CVE-2019-10192 json | A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before... | 7.2 - HIGH | 2019-07-11 | 2021-10-28 |
| CVE-2018-12453 json | Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cau... | 7.5 - HIGH | 2018-06-16 | 2018-08-14 |
| CVE-2018-12326 json | Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and e... | 8.4 - HIGH | 2018-06-17 | 2019-01-17 |
| CVE-2018-11219 json | An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10... | 9.8 - CRITICAL | 2018-06-17 | 2021-08-04 |
| CVE-2018-11218 json | Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and ... | 9.8 - CRITICAL | 2018-06-17 | 2021-08-04 |
| CVE-2017-15047 json | The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array... | 9.8 - CRITICAL | 2017-10-06 | 2020-08-28 |