FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-20 13:42:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8b20f21a-8113-11ef-b988-08002784c58dredis,valkey -- Multiple vulnerabilities

Redis core team reports:

CVE-2024-31449
Lua library commands may lead to stack overflow and potential RCE.
CVE-2024-31227
Potential Denial-of-service due to malformed ACL selectors.
CVE-2024-31228
Potential Denial-of-service due to unbounded pattern matching.

Discovery 2024-10-02
Entry 2024-10-02
redis
>= 7.4.0 lt 7.4.1

>= 7.2.0 lt 7.2.6

redis72
>= 7.2.0 lt 7.2.6

redis62
>= 6.2.0 lt 6.2.16

valkey
>= 8,0,0 lt 8.0.1

>= 7.2.0 lt 7.2.7

CVE-2024-31449
CVE-2024-31227
CVE-2024-31228
https://github.com/redis/redis/releases/tag/7.4.1
5f19ac58-cc90-11ef-abed-08002784c58dredis,valkey -- Remote code execution valnerability

Redis core team reports:

An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting.


Discovery 2025-01-06
Entry 2025-01-10
redis
< 7.4.2

redis72
< 7.2.7

redis62
< 6.2.17

valkey
< 8.0.2

CVE-2024-46981
https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c