Known Vulnerabilities for products from Redislabs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Redislabs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-32761 | Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to bu... | 7.5 - HIGH | 2021-07-21 | 2023-11-07 |
| CVE-2021-32672 | Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malforme... | 4.3 - MEDIUM | 2021-10-04 | 2023-11-07 |
| CVE-2021-32625 | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-06-02 | 2023-11-07 |
| CVE-2021-29478 | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-05-04 | 2023-11-07 |
| CVE-2021-29477 | Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An int... | 8.8 - HIGH | 2021-05-04 | 2023-11-07 |
| CVE-2021-21309 | Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 3... | 8.8 - HIGH | 2021-02-26 | 2022-10-19 |
| CVE-2021-3470 | A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator... | 5.3 - MEDIUM | 2021-03-31 | 2021-04-05 |
| CVE-2020-35668 | RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted s... | 7.5 - HIGH | 2020-12-23 | 2020-12-28 |
| CVE-2020-21468 | ** DISPUTED ** A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: th... | 7.5 - HIGH | 2021-09-20 | 2023-11-07 |
| CVE-2020-14147 | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with perm... | 7.7 - HIGH | 2020-06-15 | 2021-07-30 |
| CVE-2020-7105 | async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values ar... | 7.5 - HIGH | 2020-01-16 | 2023-11-07 |
| CVE-2019-10193 | A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x befor... | 7.2 - HIGH | 2019-07-11 | 2021-10-28 |
| CVE-2019-10192 | A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before... | 7.2 - HIGH | 2019-07-11 | 2021-10-28 |
| CVE-2018-12453 | Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cau... | 7.5 - HIGH | 2018-06-16 | 2018-08-14 |
| CVE-2018-12326 | Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and e... | 8.4 - HIGH | 2018-06-17 | 2019-01-17 |
| CVE-2018-11219 | An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10... | 9.8 - CRITICAL | 2018-06-17 | 2021-08-04 |
| CVE-2018-11218 | Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and ... | 9.8 - CRITICAL | 2018-06-17 | 2021-08-04 |
| CVE-2017-15047 | The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array... | 9.8 - CRITICAL | 2017-10-06 | 2020-08-28 |
| CVE-2016-10517 | networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, whi... | 7.4 - HIGH | 2017-10-24 | 2018-08-08 |
| CVE-2016-8339 | A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bou... | 9.8 - CRITICAL | 2016-10-28 | 2023-01-30 |