Redis 6.2

Redis Lua Use-After-Free may lead to remote code execution

redis-server RESTORE invalid memory access may allow remote code execution

Redis DoS Vulnerability due to bad connection error handling

Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Integer overflow issue with Streams in Redis

Vulnerability in handling large ziplists

Lua scripts can overflow the heap-based Lua stack in Redis

Integer overflow issue with intsets in Redis

DoS vulnerability in Redis

Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms

Integer overflow issue with strings in Redis

Redis allows out of bounds writes in hyperloglog commands leading to RCE

Lua library commands may lead to integer overflow and potential RCE

Redis' Lua library commands may lead to remote code execution

Lua library commands may lead to stack overflow and RCE in Redis

Heap overflow issue with the Lua cjson library used by Redis

Redis is vulnerable to DoS via specially crafted LUA scripts

Redis: Authenticated users can execute LUA scripts as a different user

redis: an assertion failure in a primary server by sending a non-administrative command

Denial-of-service due to unbounded pattern matching in Redis

Integer overflow in multiple Redis commands can lead to denial-of-service

Integer Overflow in several Redis commands can lead to denial of service.

`HINCRBYFLOAT` can be used to crash a redis-server process

Integer overflow in certain command arguments can drive Redis to OOM panic

Redis string pattern matching can be abused to achieve Denial of Service

Vulnerability in Lua Debugger in Redis

Lua scripts can be manipulated to overcome ACL rules in Redis

Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window.

A Malformed Lua script can crash Redis

Redis Crash Report debug.c sigsegvHandler denial of service