All the vulnerabilites related to Redis Labs - redis
cve-2019-10193
Vulnerability from cvelistv5
Published
2019-07-11 18:30
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.
References
▼ | URL | Tags |
---|---|---|
https://www.debian.org/security/2019/dsa-4480 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Jul/19 | mailing-list, x_refsource_BUGTRAQ | |
https://usn.ubuntu.com/4061-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://www.securityfocus.com/bid/109290 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2019:1819 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2019:2002 | vendor-advisory, x_refsource_REDHAT | |
https://security.gentoo.org/glsa/201908-04 | vendor-advisory, x_refsource_GENTOO | |
https://www.oracle.com/security-alerts/cpujul2020.html | x_refsource_MISC | |
https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES | x_refsource_MISC | |
https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES | x_refsource_MISC | |
https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Redis Labs | redis |
Version: 3.x before 3.2.13 Version: 4.x before 4.0.14 Version: 5.x before 5.0.4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:17:18.421Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-4480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:2002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-04" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "redis", "vendor": "Redis Labs", "versions": [ { "status": "affected", "version": "3.x before 3.2.13" }, { "status": "affected", "version": "4.x before 4.0.14" }, { "status": "affected", "version": "5.x before 5.0.4" } ] } ], "descriptions": [ { "lang": "en", "value": "A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-15T02:23:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-4480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:2002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-04" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10193", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "redis", "version": { "version_data": [ { "version_value": "3.x before 3.2.13" }, { "version_value": "4.x before 4.0.14" }, { "version_value": "5.x before 5.0.4" } ] } } ] }, "vendor_name": "Redis Labs" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer." } ] }, "impact": { "cvss": [ [ { "vectorString": "7.2/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-121" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-4480", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:2002", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-04" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "name": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "name": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-10193", "datePublished": "2019-07-11T18:30:33", "dateReserved": "2019-03-27T00:00:00", "dateUpdated": "2024-08-04T22:17:18.421Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-0180
Vulnerability from cvelistv5
Published
2019-11-01 18:25
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds.
References
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2013/01/14/7 | mailing-list, x_refsource_MLIST | |
https://bugzilla.redhat.com/show_bug.cgi?id=894659 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Redis Labs | Redis |
Version: 2.6 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T14:18:09.403Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20130114 Re: CVE Request -- redis: Two insecure temporary file use flaws", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894659" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Redis", "vendor": "Redis Labs", "versions": [ { "status": "affected", "version": "2.6" } ] } ], "datePublic": "2013-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-01T18:25:30", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[oss-security] 20130114 Re: CVE Request -- redis: Two insecure temporary file use flaws", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/7" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894659" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-0180", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Redis", "version": { "version_data": [ { "version_value": "2.6" } ] } } ] }, "vendor_name": "Redis Labs" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20130114 Re: CVE Request -- redis: Two insecure temporary file use flaws", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/01/14/7" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=894659", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894659" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-0180", "datePublished": "2019-11-01T18:25:30", "dateReserved": "2012-12-06T00:00:00", "dateUpdated": "2024-08-06T14:18:09.403Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-0178
Vulnerability from cvelistv5
Published
2019-11-01 18:25
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.
References
▼ | URL | Tags |
---|---|---|
https://security-tracker.debian.org/tracker/CVE-2013-0178 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0178 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2013/01/14/5 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2013/01/14/7 | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/81329 | x_refsource_MISC | |
https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Redis Labs | Redis |
Version: before 2.6 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T14:18:09.441Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-0178" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0178" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81329" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Redis", "vendor": "Redis Labs", "versions": [ { "status": "affected", "version": "before 2.6" } ] } ], "datePublic": "2013-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-01T18:25:27", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2013-0178" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0178" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/5" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2013/01/14/7" }, { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81329" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-0178", "datePublished": "2019-11-01T18:25:27", "dateReserved": "2012-12-06T00:00:00", "dateUpdated": "2024-08-06T14:18:09.441Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10192
Vulnerability from cvelistv5
Published
2019-07-11 18:30
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Redis Labs | redis |
Version: 3.x before 3.2.13 Version: 4.x before 4.0.14 Version: 5.x before 5.0.4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:17:18.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-4480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:1860", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1860" }, { "name": "RHSA-2019:2002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-04" }, { "name": "RHSA-2019:2508", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2508" }, { "name": "RHSA-2019:2506", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2506" }, { "name": "RHSA-2019:2621", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2621" }, { "name": "RHSA-2019:2630", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2630" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "redis", "vendor": "Redis Labs", "versions": [ { "status": "affected", "version": "3.x before 3.2.13" }, { "status": "affected", "version": "4.x before 4.0.14" }, { "status": "affected", "version": "5.x before 5.0.4" } ] } ], "descriptions": [ { "lang": "en", "value": "A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-15T02:23:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-4480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:1860", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1860" }, { "name": "RHSA-2019:2002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-04" }, { "name": "RHSA-2019:2508", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2508" }, { "name": "RHSA-2019:2506", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2506" }, { "name": "RHSA-2019:2621", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2621" }, { "name": "RHSA-2019:2630", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2630" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_MISC" ], "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10192", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "redis", "version": { "version_data": [ { "version_value": "3.x before 3.2.13" }, { "version_value": "4.x before 4.0.14" }, { "version_value": "5.x before 5.0.4" } ] } } ] }, "vendor_name": "Redis Labs" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer." } ] }, "impact": { "cvss": [ [ { "vectorString": "7.2/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-4480", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4480" }, { "name": "20190712 [SECURITY] [DSA 4480-1] redis security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "name": "USN-4061-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4061-1/" }, { "name": "109290", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109290" }, { "name": "RHSA-2019:1819", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "name": "RHSA-2019:1860", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1860" }, { "name": "RHSA-2019:2002", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "name": "GLSA-201908-04", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-04" }, { "name": "RHSA-2019:2508", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2508" }, { "name": "RHSA-2019:2506", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2506" }, { "name": "RHSA-2019:2621", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2621" }, { "name": "RHSA-2019:2630", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2630" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "name": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "name": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", "refsource": "MISC", "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-10192", "datePublished": "2019-07-11T18:30:33", "dateReserved": "2019-03-27T00:00:00", "dateUpdated": "2024-08-04T22:17:18.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }