author | Yasuhiro Kimura <yasu@FreeBSD.org> | 2023-07-10 15:51:17 +0000 |
---|---|---|
committer | Yasuhiro Kimura <yasu@FreeBSD.org> | 2023-07-10 16:32:19 +0000 |
commit | 1d28f4000a9537b41ec9915e20b1efc4a6468176 (patch) | |
tree | bafc15f712618088dc426986889308fc3396f4b5 | |
parent | bba460c16ff290d3ee975c9b4b14a7a75acbfc42 (diff) | |
security/vuxml: Document multiple vulnerabilities in redis
-rw-r--r-- | security/vuxml/vuln/2023.xml | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index ca093c3ca668..c4535b40ca36 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -1,3 +1,83 @@
+ <vuln vid="6fae2d6c-1f38-11ee-a475-080027f5fec9">
+ <topic>redis -- heap overflow in COMMAND GETKEYS and ACL evaluation</topic>
+ <affects>
+ <package>
+ <name>redis</name>
+ <range><lt>7.0.12</lt></range>
+ </package>
+ <package>
+ <name>redis-devel</name>
+ <range><lt>7.0.12.20230710</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Redis core team reports:</p>
+ <blockquote cite="https://groups.google.com/g/redis-db/c/JDjKS0GubsQ">
+ <p>
+ Extracting key names from a command and a list of
+ arguments may, in some cases, trigger a heap overflow and
+ result in reading random heap memory, heap corruption and
+ potentially remote code execution. Specifically: using
+ COMMAND GETKEYS* and validation of key names in ACL rules.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2023-36824</cvename>
+ <url>https://groups.google.com/g/redis-db/c/JDjKS0GubsQ</url>
+ <url>https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3</url>
+ </references>
+ <dates>
+ <discovery>2023-07-10</discovery>
+ <entry>2023-07-10</entry>
+ </dates>
+ </vuln>
+ 
+ <vuln vid="0e254b4a-1f37-11ee-a475-080027f5fec9">
+ <topic>redis -- Heap overflow in the cjson and cmsgpack libraries</topic>
+ <affects>
+ <package>
+ <name>redis</name>
+ <range><lt>7.0.12</lt></range>
+ </package>
+ <package>
+ <name>redis-devel</name>
+ <range><lt>7.0.12.20230710</lt></range>
+ </package>
+ <package>
+ <name>redis62</name>
+ <range><lt>6.2.13</lt></range>
+ </package>
+ <package>
+ <name>redis60</name>
+ <range><lt>6.0.20</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Redis core team reports:</p>
+ <blockquote cite="https://groups.google.com/g/redis-db/c/JDjKS0GubsQ">
+ <p>
+ A specially crafted Lua script executing in Redis can
+ trigger a heap overflow in the cjson and cmsgpack
+ libraries, and result in heap corruption and potentially
+ remote code execution.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2022-24834</cvename>
+ <url>https://groups.google.com/g/redis-db/c/JDjKS0GubsQ</url>
+ </references>
+ <dates>
+ <discovery>2023-07-10</discovery>
+ <entry>2023-07-10</entry>
+ </dates>
+ </vuln>
+ 
  <vuln vid="8ea24413-1b15-11ee-9331-570525adb7f1">
  <topic>gitea -- avoid open HTTP redirects</topic>
  <affects>
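Review bot: The second entry (CVE-2022-24834) lists only the mailing-list thread under `<references>`, while the first entry also links the vendor's GitHub security advisory; adding the matching advisory URL for CVE-2022-24834, e.g. `<url>https://github.com/redis/redis/security/advisories/GHSA-PLACEHOLDER</url>` (placeholder, substitute the published advisory id), keeps the entries consistent and gives readers the vendor's affected-version table. The two new topics also differ in casing after the ` -- ` separator (`heap overflow` vs `Heap overflow`); the visible gitea entry uses lowercase, so `<topic>redis -- heap overflow in the cjson and cmsgpack libraries</topic>` would match. Neither entry carries a `<ge>` lower bound on its ranges; that appears intentional since redis62 and redis60 are separate ports, but it is worth confirming for the 7.0-only CVE-2023-36824 entry that no older version of the `redis` port is flagged by mistake.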