redis (SUSE:Linux Enterprise Real Time 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Real Time 15 SP3 package redis, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-24834 — CVSS 7.0 (high): Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the…
CVE-2022-35977 — CVSS 5.5 (medium): Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can…
CVE-2022-36021 — CVSS 5.5 (medium): Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a…
CVE-2023-25155 — CVSS 5.5 (medium): Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and…
CVE-2023-28856 — CVSS 5.5 (medium): Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an…