Filtered by vendor Redislabs
Subscriptions
Filtered by product Redis
Subscriptions
Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-10517 | 1 Redislabs | 1 Redis | 2018-08-08 | N/A |
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port). | ||||
CVE-2013-7458 | 2 Debian, Redislabs | 2 Debian Linux, Redis | 2018-08-08 | N/A |
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. |