FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cc42db1c-c65f-11ec-ad96-0800270512f4redis -- Multiple vulnerabilities

Aviv Yahav reports:

CVE-2022-24735
By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis can inject Lua code that will execute with the (potentially higher) privileges of another Redis user.
CVE-2022-24736
An attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process.

Discovery 2022-04-27
Entry 2022-04-27
redis
lt 6.2.7

redis-devel
lt 7.0.0.20220428

redis62
lt 6.2.7

CVE-2022-24735
CVE-2022-24736
https://groups.google.com/g/redis-db/c/7iWUlwtoDqU