Redis 7.0

Redis Lua Use-After-Free may lead to remote code execution

Redis vulnerable to integer overflow in certain payloads

redis-server RESTORE invalid memory access may allow remote code execution

Redis DoS Vulnerability due to bad connection error handling

Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

redis: contain a segmentation violation in redisraft.c

redis: memory leak via streamGetEdgeID

Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis

Redis allows out of bounds writes in hyperloglog commands leading to RCE

Lua library commands may lead to integer overflow and potential RCE

Potential heap overflow in Redis

Redis subject to Integer Overflow leading to Remote Code Execution via Heap Overflow

Heap overflow issue with the Lua cjson library used by Redis

Redis is vulnerable to DoS via specially crafted LUA scripts

Redis: Authenticated users can execute LUA scripts as a different user

redis: an assertion failure in a primary server by sending a non-administrative command

Denial-of-service due to unbounded pattern matching in Redis

Integer overflow in multiple Redis commands can lead to denial-of-service

Integer Overflow in several Redis commands can lead to denial of service.

Specially crafted MSETNX command can lead to denial-of-service

`HINCRBYFLOAT` can be used to crash a redis-server process

Integer overflow in certain command arguments can drive Redis to OOM panic

Redis string pattern matching can be abused to achieve Denial of Service

redis-check-aof may lead to stack overflow and potential RCE

Denial-of-service due to malformed ACL selectors in Redis

Lua scripts can be manipulated to overcome ACL rules in Redis

Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window.

A Malformed Lua script can crash Redis

Redis SORT_RO may bypass ACL configuration

Redis Crash Report debug.c sigsegvHandler denial of service