Vulnerabilities > Redislabs

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-32672 Out-of-bounds Read vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redislabs redhat CWE-125
4.0
2021-09-20 CVE-2020-21468 Unspecified vulnerability in Redislabs Redis 5.0.7
** DISPUTED ** A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS).
network
low complexity
redislabs
5.0
2021-07-21 CVE-2021-32761 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an in-memory database that persists on disk.
6.0
2021-06-02 CVE-2021-32625 Classic Buffer Overflow vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-120
6.5
2021-05-04 CVE-2021-29478 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
6.0
2021-05-04 CVE-2021-29477 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
6.5
2021-03-31 CVE-2021-3470 Out-of-bounds Write vulnerability in Redislabs Redis
A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash.
network
low complexity
redislabs CWE-787
5.0
2021-02-26 CVE-2021-21309 Integer Overflow or Wraparound vulnerability in Redislabs Redis
Redis is an open-source, in-memory database that persists on disk.
network
low complexity
redislabs CWE-190
6.5
2020-12-23 CVE-2020-35668 NULL Pointer Dereference vulnerability in Redislabs Redisgraph
RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.
network
low complexity
redislabs CWE-476
5.0
2020-06-15 CVE-2020-14147 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.
network
low complexity
redislabs oracle suse debian CWE-190
4.0