Vulnerability-Lookup

Vulnerability from cleanstart

Published

2026-04-01 09:13

Modified

2026-03-28 09:50

Summary

Security fixes for CVE-2015-8080, CVE-2019-10192, CVE-2019-10193, CVE-2020-14147, CVE-2021-32625, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099, CVE-2022-24736, CVE-2022-24834, CVE-2022-35977, CVE-2022-3647, CVE-2023-36824, CVE-2023-41053, CVE-2023-41056, CVE-2023-45145, CVE-2024-31227, CVE-2024-31228, CVE-2024-31449, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844 applied in versions: 5.0.4-r0, 5.0.8-r0, 6.0.3-r0, 6.2.0-r0, 6.2.4-r0, 6.2.5-r0, 6.2.6-r0, 6.2.7-r0, 7.0.12-r0, 7.0.4-r0, 7.0.5-r0, 7.0.6-r0, 7.0.8-r0, 7.2.1-r0, 7.2.2-r0, 7.2.4-r0, 7.2.5-r1, 8.2.2-r0

Details

Multiple security vulnerabilities affect the redis package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2015-8080	WEB
	https://osv.dev/vulnerability/CVE-2019-10192	WEB
	https://osv.dev/vulnerability/CVE-2019-10193	WEB
	https://osv.dev/vulnerability/CVE-2020-14147	WEB
	https://osv.dev/vulnerability/CVE-2021-32625	WEB
	https://osv.dev/vulnerability/CVE-2021-32626	WEB
	https://osv.dev/vulnerability/CVE-2021-32627	WEB
	https://osv.dev/vulnerability/CVE-2021-32628	WEB
	https://osv.dev/vulnerability/CVE-2021-32672	WEB
	https://osv.dev/vulnerability/CVE-2021-32675	WEB
	https://osv.dev/vulnerability/CVE-2021-32687	WEB
	https://osv.dev/vulnerability/CVE-2021-32762	WEB
	https://osv.dev/vulnerability/CVE-2021-41099	WEB
	https://osv.dev/vulnerability/CVE-2022-24736	WEB
	https://osv.dev/vulnerability/CVE-2022-24834	WEB
	https://osv.dev/vulnerability/CVE-2022-35977	WEB
	https://osv.dev/vulnerability/CVE-2022-3647	WEB
	https://osv.dev/vulnerability/CVE-2023-36824	WEB
	https://osv.dev/vulnerability/CVE-2023-41053	WEB
	https://osv.dev/vulnerability/CVE-2023-41056	WEB
	https://osv.dev/vulnerability/CVE-2023-45145	WEB
	https://osv.dev/vulnerability/CVE-2024-31227	WEB
	https://osv.dev/vulnerability/CVE-2024-31228	WEB
	https://osv.dev/vulnerability/CVE-2024-31449	WEB
	https://osv.dev/vulnerability/CVE-2025-46817	WEB
	https://osv.dev/vulnerability/CVE-2025-46818	WEB
	https://osv.dev/vulnerability/CVE-2025-46819	WEB
	https://osv.dev/vulnerability/CVE-2025-49844	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2015-8080	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-10192	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-10193	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-14147	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32625	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32626	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32627	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32628	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32672	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32675	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32687	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-32762	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41099	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-24736	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-24834	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-35977	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3647	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-36824	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-41053	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-41056	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-45145	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-31227	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-31228	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-31449	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-46817	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-46818	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-46819	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-49844	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "redis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.2.2-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the redis package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-UA95882",
  "modified": "2026-03-28T09:50:21Z",
  "published": "2026-04-01T09:13:33.524135Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UA95882.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2015-8080"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-10192"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-10193"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-14147"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32625"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32626"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32627"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32628"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32672"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32675"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32687"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-32762"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41099"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-24736"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-24834"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-35977"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3647"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-36824"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-41053"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-41056"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-45145"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-31227"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-31228"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-31449"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-46817"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-46818"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-46819"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-49844"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8080"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10192"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10193"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14147"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32625"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32626"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32627"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32628"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32672"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32675"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32687"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32762"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41099"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24736"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24834"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35977"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3647"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36824"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41053"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41056"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45145"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31227"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31228"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31449"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46817"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46818"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46819"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49844"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2015-8080, CVE-2019-10192, CVE-2019-10193, CVE-2020-14147, CVE-2021-32625, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099, CVE-2022-24736, CVE-2022-24834, CVE-2022-35977, CVE-2022-3647, CVE-2023-36824, CVE-2023-41053, CVE-2023-41056, CVE-2023-45145, CVE-2024-31227, CVE-2024-31228, CVE-2024-31449, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844 applied in versions: 5.0.4-r0, 5.0.8-r0, 6.0.3-r0, 6.2.0-r0, 6.2.4-r0, 6.2.5-r0, 6.2.6-r0, 6.2.7-r0, 7.0.12-r0, 7.0.4-r0, 7.0.5-r0, 7.0.6-r0, 7.0.8-r0, 7.2.1-r0, 7.2.2-r0, 7.2.4-r0, 7.2.5-r1, 8.2.2-r0",
  "upstream": [
    "CVE-2015-8080",
    "CVE-2019-10192",
    "CVE-2019-10193",
    "CVE-2020-14147",
    "CVE-2021-32625",
    "CVE-2021-32626",
    "CVE-2021-32627",
    "CVE-2021-32628",
    "CVE-2021-32672",
    "CVE-2021-32675",
    "CVE-2021-32687",
    "CVE-2021-32762",
    "CVE-2021-41099",
    "CVE-2022-24736",
    "CVE-2022-24834",
    "CVE-2022-35977",
    "CVE-2022-3647",
    "CVE-2023-36824",
    "CVE-2023-41053",
    "CVE-2023-41056",
    "CVE-2023-45145",
    "CVE-2024-31227",
    "CVE-2024-31228",
    "CVE-2024-31449",
    "CVE-2025-46817",
    "CVE-2025-46818",
    "CVE-2025-46819",
    "CVE-2025-49844"
  ]
}

CVE-2023-45145 (GCVE-0-2023-45145)

Vulnerability from cvelistv5 – Published: 2023-10-18 20:17 – Updated: 2025-02-13 17:13

Title

Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window.

Summary

Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to upgrade, it is possible to work around the problem by disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory.

Severity

3.6 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-668 - Exposure of Resource to Wrong Sphere

Assigner

GitHub_M

References

7 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/03345ddc7fa…	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2023…
https://lists.fedoraproject.org/archives/list/pac…
https://lists.fedoraproject.org/archives/list/pac…
https://lists.fedoraproject.org/archives/list/pac…
https://security.netapp.com/advisory/ntap-2023111…

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: >= 2.6.0-rc1, < 6.2.14 Affected: >= 7.0.0, < 7.0.14 Affected: >= 7.1.0, < 7.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:14:18.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx"
          },
          {
            "name": "https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00032.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/464JPNBWE433ZGYXO3KN72VR3KJPWHAW/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BNEK2K4IE7MPKRD6H36JXZMJKYS6I5GQ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZMGTTV5XM4LA66FSIJSETNBBRRPJYOQ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231116-0014/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.6.0-rc1, \u003c 6.2.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.0.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.1.0, \u003c 7.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to upgrade, it is possible to work around the problem by disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668: Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-16T15:06:16.371Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx"
        },
        {
          "name": "https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00032.html"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/464JPNBWE433ZGYXO3KN72VR3KJPWHAW/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BNEK2K4IE7MPKRD6H36JXZMJKYS6I5GQ/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZMGTTV5XM4LA66FSIJSETNBBRRPJYOQ/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231116-0014/"
        }
      ],
      "source": {
        "advisory": "GHSA-ghmp-889m-7cvx",
        "discovery": "UNKNOWN"
      },
      "title": "Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window."
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-45145",
    "datePublished": "2023-10-18T20:17:08.588Z",
    "dateReserved": "2023-10-04T16:02:46.330Z",
    "dateUpdated": "2025-02-13T17:13:50.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31227 (GCVE-0-2024-31227)

Vulnerability from cvelistv5 – Published: 2024-10-07 19:51 – Updated: 2024-10-07 20:20

Title

Denial-of-service due to malformed ACL selectors in Redis

Summary

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/b351d5a3210…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: >= 7.0.0, < 7.2.6 Affected: >= 7.3.0, < 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31227",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T20:20:44.399182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T20:20:56.702Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.2.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.3.0, \u003c 7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T19:51:04.520Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-38p4-26x2-vqhh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-38p4-26x2-vqhh"
        },
        {
          "name": "https://github.com/redis/redis/commit/b351d5a3210e61cc3b22ba38a723d6da8f3c298a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/b351d5a3210e61cc3b22ba38a723d6da8f3c298a"
        }
      ],
      "source": {
        "advisory": "GHSA-38p4-26x2-vqhh",
        "discovery": "UNKNOWN"
      },
      "title": "Denial-of-service due to malformed ACL selectors in Redis"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-31227",
    "datePublished": "2024-10-07T19:51:04.520Z",
    "dateReserved": "2024-03-29T14:16:31.902Z",
    "dateUpdated": "2024-10-07T20:20:56.702Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31228 (GCVE-0-2024-31228)

Vulnerability from cvelistv5 – Published: 2024-10-07 19:51 – Updated: 2025-11-03 21:54

Title

Denial-of-service due to unbounded pattern matching in Redis

Summary

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-674 - Uncontrolled Recursion

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/9317bf64659…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: >= 2.2.5, < 6.2.16 Affected: >= 7.0.0, < 7.2.6 Affected: >= 7.3.0, < 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31228",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T20:20:14.689611Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T20:20:24.001Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:54:38.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00031.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.2.5, \u003c 6.2.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.2.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.3.0, \u003c 7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T19:51:06.784Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"
        },
        {
          "name": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0"
        }
      ],
      "source": {
        "advisory": "GHSA-66gq-c942-6976",
        "discovery": "UNKNOWN"
      },
      "title": "Denial-of-service due to unbounded pattern matching in Redis"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-31228",
    "datePublished": "2024-10-07T19:51:06.784Z",
    "dateReserved": "2024-03-29T14:16:31.902Z",
    "dateUpdated": "2025-11-03T21:54:38.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-31449 (GCVE-0-2024-31449)

Vulnerability from cvelistv5 – Published: 2024-10-07 19:51 – Updated: 2024-11-19 04:55

Title

Lua library commands may lead to stack overflow and RCE in Redis

Summary

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20 - Improper Input Validation
CWE-121 - Stack-based Buffer Overflow

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/1f7c148be2c…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: >= 2.6, < 6.2.16 Affected: >= 7.0.0, < 7.2.6 Affected: >= 7.3.0, < 7.4.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "redis",
            "vendor": "redis",
            "versions": [
              {
                "lessThan": "6.2.16",
                "status": "affected",
                "version": "2.6",
                "versionType": "custom"
              },
              {
                "lessThan": "7.2.6",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "7.4.1",
                "status": "affected",
                "version": "7.3.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31449",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T04:55:42.670Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.6, \u003c 6.2.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.2.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.3.0, \u003c 7.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T19:51:08.775Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5"
        },
        {
          "name": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9"
        }
      ],
      "source": {
        "advisory": "GHSA-whxg-wx83-85p5",
        "discovery": "UNKNOWN"
      },
      "title": "Lua library commands may lead to stack overflow and RCE in Redis"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-31449",
    "datePublished": "2024-10-07T19:51:08.775Z",
    "dateReserved": "2024-04-03T17:55:32.646Z",
    "dateUpdated": "2024-11-19T04:55:42.670Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-46817 (GCVE-0-2025-46817)

Vulnerability from cvelistv5 – Published: 2025-10-03 17:52 – Updated: 2025-10-03 18:32

Title

Lua library commands may lead to integer overflow and potential RCE

Summary

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.

Severity

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/fc9abc775e3…	x_refsource_MISC
https://github.com/redis/redis/releases/tag/8.2.2	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: < 8.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46817",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T18:31:53.907831Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T18:32:16.521Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T17:52:48.478Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-m8fj-85cg-7vhp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-m8fj-85cg-7vhp"
        },
        {
          "name": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/8.2.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/8.2.2"
        }
      ],
      "source": {
        "advisory": "GHSA-m8fj-85cg-7vhp",
        "discovery": "UNKNOWN"
      },
      "title": "Lua library commands may lead to integer overflow and potential RCE"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-46817",
    "datePublished": "2025-10-03T17:52:48.478Z",
    "dateReserved": "2025-04-30T19:41:58.134Z",
    "dateUpdated": "2025-10-03T18:32:16.521Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-46818 (GCVE-0-2025-46818)

Vulnerability from cvelistv5 – Published: 2025-10-03 18:38 – Updated: 2025-10-03 19:14

Title

Redis: Authenticated users can execute LUA scripts as a different user

Summary

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.

Severity

6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/45eac026202…	x_refsource_MISC
https://github.com/redis/redis/releases/tag/8.2.2	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: < 8.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46818",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T19:02:57.936547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T19:14:19.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T18:38:57.170Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp"
        },
        {
          "name": "https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/8.2.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/8.2.2"
        }
      ],
      "source": {
        "advisory": "GHSA-qrv7-wcrx-q5jp",
        "discovery": "UNKNOWN"
      },
      "title": "Redis: Authenticated users can execute LUA scripts as a different user"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-46818",
    "datePublished": "2025-10-03T18:38:57.170Z",
    "dateReserved": "2025-04-30T19:41:58.134Z",
    "dateUpdated": "2025-10-03T19:14:19.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-46819 (GCVE-0-2025-46819)

Vulnerability from cvelistv5 – Published: 2025-10-03 19:12 – Updated: 2025-10-31 14:53

Title

Redis is vulnerable to DoS via specially crafted LUA scripts

Summary

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.

Severity

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/3a1624da244…	x_refsource_MISC
https://github.com/redis/redis/releases/tag/8.2.2	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: < 8.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46819",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T19:24:17.581618Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T19:24:24.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-10-31T14:53:41.010Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-46819-detect-redis-vulnerability"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-46819-mitigate-redis-vulnerability"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T19:12:10.999Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f"
        },
        {
          "name": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/8.2.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/8.2.2"
        }
      ],
      "source": {
        "advisory": "GHSA-4c68-q8q8-3g4f",
        "discovery": "UNKNOWN"
      },
      "title": "Redis is vulnerable to DoS via specially crafted LUA scripts"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-46819",
    "datePublished": "2025-10-03T19:12:10.999Z",
    "dateReserved": "2025-04-30T19:41:58.134Z",
    "dateUpdated": "2025-10-31T14:53:41.010Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-49844 (GCVE-0-2025-49844)

Vulnerability from cvelistv5 – Published: 2025-10-03 19:27 – Updated: 2026-03-20 14:08

Title

Redis Lua Use-After-Free may lead to remote code execution

Summary

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.

Severity

10 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
https://github.com/redis/redis/commit/d5728cb5795…	x_refsource_MISC
https://github.com/redis/redis/releases/tag/8.2.2	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
redis	redis	Affected: < 8.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49844",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-20T03:55:40.030296Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-20T14:08:37.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/lastvocher/redis-CVE-2025-49844"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:11:33.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/07/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T19:27:23.609Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-4789-qfc9-5f9q",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-4789-qfc9-5f9q"
        },
        {
          "name": "https://github.com/redis/redis/commit/d5728cb5795c966c5b5b1e0f0ac576a7e69af539",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/commit/d5728cb5795c966c5b5b1e0f0ac576a7e69af539"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/8.2.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/8.2.2"
        }
      ],
      "source": {
        "advisory": "GHSA-4789-qfc9-5f9q",
        "discovery": "UNKNOWN"
      },
      "title": "Redis Lua Use-After-Free may lead to remote code execution"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-49844",
    "datePublished": "2025-10-03T19:27:23.609Z",
    "dateReserved": "2025-06-11T14:33:57.800Z",
    "dateUpdated": "2026-03-20T14:08:37.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

Vulnerability from cleanstart

CVE-2023-45145 (GCVE-0-2023-45145)

CVE-2024-31227 (GCVE-0-2024-31227)

CVE-2024-31228 (GCVE-0-2024-31228)

CVE-2024-31449 (GCVE-0-2024-31449)

CVE-2025-46817 (GCVE-0-2025-46817)

CVE-2025-46818 (GCVE-0-2025-46818)

CVE-2025-46819 (GCVE-0-2025-46819)

CVE-2025-49844 (GCVE-0-2025-49844)

Tags

Sightings

Nomenclature