Redis is an in-memory database that persists on disk. Versions 6.0.0 and above, prior to 6.0.5 are vulnerable to a NULL Pointer Dereference. An attacker may be able to cause a denial of service by sending specially crafted messages to the `server` command. This has been patched in Redis version 6.0.5. No known workarounds exist. Redis is an in-memory database that persists on disk. Versions 5.0.0 and above are vulnerable to a Denial of Service via Network. Redis is prone to denial of service due to a network issue. This has been patched in Redis version 5.0.5. No known workarounds exist. Redis is an in-memory database that persists on disk. Versions 3.2.0 and above are vulnerable to a Denial of Service via Server Failure. Redis is prone to a denial of service due to a server failure. This has been patched in Redis version 3.2.5. No known workarounds exist. Redis is an in-memory database that persists on disk. Versions 0.9.0 and above are vulnerable to a Denial of Service via Server Failure. Redis is prone to a denial of service due to a server failure. This has been patched in Redis version 0.9.10. No known workarounds exist. Redis is an in-memory
Redis Overview
Redis is an open source, in-memory data structure store with support for different types of aggregates including lists, sets, sorted sets, hashes, and hyperloglogs. It is written in ANSI C. Redis is a single-threaded server that persists its data to disk only when it absolutely must do so.
Redis is vulnerable to denial of service due to a server failure. Versions 0.9.0 and above are vulnerable to a Denial of Service via Server Failure. Redis is prone to a denial of service due to a server failure. This has been patched in Redis version 0.9.10. No known workarounds exist.
What is Redis?
Redis is a key-value database with advanced features such as atomic operations, pipelining, and pub/sub. It has support for data types such as strings, hashes, lists, sets, sorted sets and hyperloglogs.
Timeline
Published on: 09/23/2022 04:15:00 UTC
Last modified on: 11/09/2022 20:40:00 UTC
References
- https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7INCOOFPPEAKNDBZU3TIZJPYXBULI2C/
- https://security.gentoo.org/glsa/202209-17
- https://security.netapp.com/advisory/ntap-20221020-0005/
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35951