Search CVE reports
1 result
Some fixes available 7 of 14
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The...
3 affected packages
redis, lua-cjson, lua-cmsgpack
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| redis | Not affected | Fixed | Fixed | Fixed |
| lua-cjson | Vulnerable | Fixed | Fixed | Vulnerable |
| lua-cmsgpack | Not in release | Not in release | — | — |