CVE-2018-11218

Published: Jun 17, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

104553

vdb-entry

x_refsource_BID

https://github.com/antirez/redis/issues/5017

x_refsource_MISC

DSA-4230

vendor-advisory

x_refsource_DEBIAN

RHSA-2019:0052

vendor-advisory

x_refsource_REDHAT

https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0

x_refsource_MISC

http://antirez.com/news/119

x_refsource_MISC

https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3

x_refsource_MISC

RHSA-2019:0094

vendor-advisory

x_refsource_REDHAT

https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES

x_refsource_MISC

https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

RHSA-2019:1860

vendor-advisory

x_refsource_REDHAT

GLSA-201908-04

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-11218

Description

Affected Products

References