Vulnerabilities > Redislabs > Redis > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-17 | CVE-2018-11218 | Out-of-bounds Write vulnerability in multiple products Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. | 9.8 |
| 2018-06-17 | CVE-2018-11219 | Integer Overflow or Wraparound vulnerability in multiple products An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | 9.8 |
| 2017-10-06 | CVE-2017-15047 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redislabs Redis 4.0.2 The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine." | 9.8 |
| 2016-10-28 | CVE-2016-8339 | Out-of-bounds Write vulnerability in Redislabs Redis A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. | 9.8 |