Vulnerabilities > Redislabs > Redis > 4.0.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-21 | CVE-2021-32761 | Integer Overflow to Buffer Overflow vulnerability in multiple products Redis is an in-memory database that persists on disk. | 7.5 |
| 2021-03-31 | CVE-2021-3470 | Out-of-bounds Write vulnerability in Redislabs Redis A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. | 5.0 |
| 2021-02-26 | CVE-2021-21309 | Integer Overflow or Wraparound vulnerability in Redislabs Redis Redis is an open-source, in-memory database that persists on disk. | 8.8 |
| 2020-06-15 | CVE-2020-14147 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. | 4.0 |
| 2018-06-16 | CVE-2018-12453 | Incorrect Type Conversion or Cast vulnerability in Redislabs Redis Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream. | 5.0 |