FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

redis,valkey -- Multiple vulnerabilities

Affected packages
7.4.0 <= redis < 7.4.1
7.2.0 <= redis < 7.2.6
7.2.0 <= redis72 < 7.2.6
6.2.0 <= redis62 < 6.2.16
8,0,0 <= valkey < 8.0.1
7.2.0 <= valkey < 7.2.7

Details

VuXML ID 8b20f21a-8113-11ef-b988-08002784c58d
Discovery 2024-10-02
Entry 2024-10-02

Redis core team reports:

CVE-2024-31449
Lua library commands may lead to stack overflow and potential RCE.
CVE-2024-31227
Potential Denial-of-service due to malformed ACL selectors.
CVE-2024-31228
Potential Denial-of-service due to unbounded pattern matching.
[source]

References

CVE Name CVE-2024-31227
CVE Name CVE-2024-31228
CVE Name CVE-2024-31449
URL https://github.com/redis/redis/releases/tag/7.4.1

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.