
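--- a/security/vuxml/vuln-2021.xml
+++ b/security/vuxml/vuln-2021.xml
@@ -1,4 +1,85 @@
+  <vuln vid="9b4806c1-257f-11ec-9db5-0800270512f4">
+    <topic>redis -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>redis</name>
+	<range><lt>6.2.6</lt></range>
+      </package>
+      <package>
+	<name>redis6</name>
+	<range><lt>6.0.16</lt></range>
+      </package>
+      <package>
+	<name>redis5</name>
+	<range><lt>5.0.14</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The Redis Team reports:</p>
+	<blockquote cite="https://groups.google.com/g/redis-db/c/GS_9L2KCk9g/m/Q7ZN1R1cDAAJ">
+	  <dl>
+	    <dt>CVE-2021-41099</dt>
+	    <dd>
+	      Integer to heap buffer overflow handling certain string commands
+	      and network payloads, when proto-max-bulk-len is manually configured.
+	    </dd>
+	    <dt>CVE-2021-32762</dt>
+	    <dd>
+	      Integer to heap buffer overflow issue in redis-cli and redis-sentinel
+	      parsing large multi-bulk replies on some older and less common platforms.
+	    </dd>
+	    <dt>CVE-2021-32687</dt>
+	    <dd>
+	      Integer to heap buffer overflow with intsets, when set-max-intset-entries
+	      is manually configured to a non-default, very large value.
+	    </dd>
+	    <dt>CVE-2021-32675</dt>
+	    <dd>
+	      Denial Of Service when processing RESP request payloads with a large
+	      number of elements on many connections.
+	    </dd>
+	    <dt>CVE-2021-32672</dt>
+	    <dd>
+	      Random heap reading issue with Lua Debugger.
+	    </dd>
+	    <dt>CVE-2021-32628</dt>
+	    <dd>
+	      Integer to heap buffer overflow handling ziplist-encoded data types,
+	      when configuring a large, non-default value for hash-max-ziplist-entries,
+	      hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value.
+	    </dd>
+	    <dt>CVE-2021-32627</dt>
+	    <dd>
+	      Integer to heap buffer overflow issue with streams, when configuring
+	      a non-default, large value for proto-max-bulk-len and
+	      client-query-buffer-limit.
+	    </dd>
+	    <dt>CVE-2021-32626</dt>
+	    <dd>
+	      Specially crafted Lua scripts may result with Heap buffer overflow.
+	    </dd>
+	  </dl>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2021-41099</cvename>
+      <cvename>CVE-2021-32762</cvename>
+      <cvename>CVE-2021-32687</cvename>
+      <cvename>CVE-2021-32675</cvename>
+      <cvename>CVE-2021-32672</cvename>
+      <cvename>CVE-2021-32628</cvename>
+      <cvename>CVE-2021-32627</cvename>
+      <cvename>CVE-2021-32626</cvename>
+      <url>https://groups.google.com/g/redis-db/c/GS_9L2KCk9g</url>
+    </references>
+    <dates>
+      <discovery>2021-10-04</discovery>
+      <entry>2021-10-05</entry>
+    </dates>
+  </vuln>
   <vuln vid="f84ab297-2285-11ec-9e79-08002789875b">
     <topic>mediawiki -- multiple vulnerabilities</topic>
     <affects>
-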
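Review bot: The one removed line at the very end of the hunk (old line 4, directly under `<affects>` of the pre-existing mediawiki entry `f84ab297-2285-11ec-9e79-08002789875b`) is unrelated to the new redis entry and renders as empty here; if it was anything other than a stray blank line, dropping it would unbalance that entry's `<affects>` block and break the VuXML file, so either confirm the deletion is deliberate or regenerate the patch so the hunk is purely additive. The new entry itself is well-formed and its three `<range><lt>` bounds agree with the fixed releases named in the cited Redis announcement; if the ports tree carries a `redis-devel` package tracking the unstable branch, consider whether it belongs in `<affects>` as well, since the advisory covers all supported branches. The mediawiki entry continues beyond the end of the hunk.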
