cvelistv5 - cve-2016-8339

CVE-2016-8339 (GCVE-0-2016-8339)

Vulnerability from cvelistv5 – Published: 2016-10-28 14:00 – Updated: 2024-08-06 02:20

Summary

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.

Severity ?

6.6 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

Arbitrary Code Execution

Assigner

talos

References

URL

	Vendor	Product	Version
	Redis	Redis	Affected: 3.2.x prior to 3.2.4

FKIE_CVE-2016-8339

Vulnerability from fkie_nvd - Published: 2016-10-28 14:59 - Updated: 2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
talos-cna@cisco.com	http://www.securityfocus.com/bid/93283	Third Party Advisory, VDB Entry
talos-cna@cisco.com	http://www.talosintelligence.com/reports/TALOS-2016-0206/	Exploit, Third Party Advisory
talos-cna@cisco.com	https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977	Patch, Third Party Advisory
talos-cna@cisco.com	https://security.gentoo.org/glsa/201702-16	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93283	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.talosintelligence.com/reports/TALOS-2016-0206/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201702-16	Third Party Advisory

Impacted products

Vendor	Product	Version
redislabs	redis	3.2.0
redislabs	redis	3.2.1
redislabs	redis	3.2.2
redislabs	redis	3.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redislabs:redis:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54063636-8CE2-408B-BF17-6E68977D4028",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redislabs:redis:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4E0B88-C020-47C0-9420-E508B9D196B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redislabs:redis:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC52A6CD-A02A-4153-A353-8BA8AD36EDD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redislabs:redis:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "227C8FB9-639D-46BD-9484-24F40B3339C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en Redis 3.2.x antes de 3.2.4 provoca ejecuci\u00f3n de c\u00f3digo arbitrario cuando un comando manipulado es enviado. Una vulnerabilidad de escritura fuera de l\u00edmites existe en el manejo de la opci\u00f3n client-output-buffer-limit durante el comando CONFIG SET para la estructura de almac\u00e9n de datos Redis. Un comando CONFIG SET manipulado puede llevar a una escritura fuera de l\u00edmites resultando potencialmente en ejecuci\u00f3n de c\u00f3digo."
    }
  ],
  "id": "CVE-2016-8339",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9,
        "source": "talos-cna@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-28T14:59:01.603",
  "references": [
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93283"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.talosintelligence.com/reports/TALOS-2016-0206/"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201702-16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.talosintelligence.com/reports/TALOS-2016-0206/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201702-16"
    }
  ],
  "sourceIdentifier": "talos-cna@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2016-09591

Vulnerability from cnvd - Published: 2016-10-20

Title

Redis越界远程代码执行漏洞

Description

Redis是一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值存储数据库，并提供多种语言的API。 Redis中存在远程代码执行漏洞，攻击者可以利用该漏洞在受影响的程序上下文中执行任意代码。

Severity

高

Formal description

目前厂商尚未有解决方案，详情请关注厂商主页或有关网址： http://www.talosintelligence.com/reports/TALOS-2016-0206/

Reference

http://www.securityfocus.com/bid/93283

Impacted products

Name
Redis Redis

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93283"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8339"
    }
  },
  "description": "Redis\u662f\u4e00\u5957\u5f00\u6e90\u7684\u4f7f\u7528ANSI C\u7f16\u5199\u3001\u652f\u6301\u7f51\u7edc\u3001\u53ef\u57fa\u4e8e\u5185\u5b58\u4ea6\u53ef\u6301\u4e45\u5316\u7684\u65e5\u5fd7\u578b\u3001\u952e\u503c\u5b58\u50a8\u6570\u636e\u5e93\uff0c\u5e76\u63d0\u4f9b\u591a\u79cd\u8bed\u8a00\u7684API\u3002 \r\n\r\nRedis\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Cory Duplantis of Cisco Talos.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5c1a\u672a\u6709\u89e3\u51b3\u65b9\u6848\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u6709\u5173\u7f51\u5740\uff1a\r\nhttp://www.talosintelligence.com/reports/TALOS-2016-0206/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09591",
  "openTime": "2016-10-20",
  "products": {
    "product": "Redis Redis"
  },
  "referenceLink": "http://www.securityfocus.com/bid/93283",
  "serverity": "\u9ad8",
  "submitTime": "2016-10-13",
  "title": "Redis\u8d8a\u754c\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

SUSE-OU-2020:3291-1

Vulnerability from csaf_suse - Published: 2020-11-11 11:26 - Updated: 2020-11-11 11:26

Summary

Optional update for python-redis and redis

Notes

Title of the patch

Optional update for python-redis and redis

Description of the patch

This optional update for python-redis and redis provides the following fixes python-redis: - Update to version to 3.4.1 (jsc#ECO-2417) * Move the username argument in the Redis and Connection classes to the end of the argument list. This helps those poor souls that specify all their connection options as non-keyword arguments. * Prior to ACL support, redis-py ignored the username component of Connection URLs. With ACL support, usernames are no longer ignored and are used to authenticate against an ACL rule. Some cloud vendors with managed Redis instances (like Heroku) provide connection URLs with a username component pre-ACL that is not intended to be used. Sending that username to Redis servers < 6.0.0 results in an error. Attempt to detect this condition and retry the AUTH command with only the password such that authentication continues to work for these users. * Removed the __eq__ hooks to Redis and ConnectionPool that were added in 3.4.0. This ended up being a bad idea as two separate connection pools be considered equal yet manage a completely separate set of connections. * Allow empty pipelines to be executed if there are WATCHed keys. This is a convenient way to test if any of the watched keys changed without actually running any other commands. * Removed support for end of life Python 3.4. * Added support for all ACL commands in Redis 6. * Pipeline instances now always evaluate to True. Prior to this change, pipeline instances relied on __len__ for boolean evaluation which meant that pipelines with no commands on the stack would be considered False. * Client instances and Connection pools now support a 'client_name' argument. If supplied, all connections created will call CLIENT SETNAME as soon as the connection is opened. * Added the 'ssl_check_hostname' argument to specify whether SSL connections should require the server hostname to match the hostname specified in the SSL cert. By default 'ssl_check_hostname' is False for backwards compatibility. * Added support for the TYPE argument to SCAN. * Better thread and fork safety in ConnectionPool and BlockingConnectionPool. Added better locking to synchronize critical sections rather than relying on CPython-specific implementation details relating to atomic operations. Adjusted how the pools identify and deal with a fork. Added a ChildDeadlockedError exception that is raised by child processes in the very unlikely chance that a deadlock is encountered. * Further fix for the SSLError -> TimeoutError mapping to work on obscure releases of Python 2.7. * Fixed a potential error handling bug for the SSLError -> TimeoutError mapping introduced in 3.3.9. * Mapped Python 2.7 SSLError to TimeoutError where appropriate. Timeouts should now consistently raise TimeoutErrors on Python 2.7 for both unsecured and secured connections. * Fixed MONITOR parsing to properly parse IPv6 client addresses * Fixed a regression introduced in 3.3.0 * Resolve a race condition with the PubSubWorkerThread. * Response callbacks are now case insensitive. * Added support for hiredis-py 1.0.0 encoding error support. * Add READONLY and READWRITE commands. * Added extensive health checks that keep the connections lively. * Many more changes, see upstream changelog. * Add missing build dependency setuptools * Fix SentinelConnectionPool to work in multiprocess/forked environments - Update to 3.2.0 (bsc#1131555) * Added support for `select.poll` to test whether data can be read on a socket. This should allow for significantly more connections to be used with pubsub. * Attempt to guarentee that the ConnectionPool hands out healthy connections. Healthy connections are those that have an established socket connection to the Redis server, are ready to accept a command and have no data available to read. * Use the socket.IPPROTO_TCP constant instead of socket.SOL_TCP. IPPROTO_TCP is available on more interpreters (Jython for instance). * Fixed a regression introduced in 3.0 that mishandles exceptions not derived from the base Exception class. KeyboardInterrupt and gevent.timeout notable. * Significant improvements to handing connections with forked processes. Parent and child processes no longer trample on each others' connections. * PythonParser no longer closes the associated connection's socket. The connection itself will close the socket. * Connection URLs must have one of the following schemes: redis://, rediss://, unix://. * Fixed an issue with retry_on_timeout logic that caused some TimeoutErrors to be retried. * Added support for SNI for SSL. * Fixed ConnectionPool repr for pools with no connections. * Fixed GEOHASH to return a None value when specifying a place that doesn't exist on the server. * Fixed XREADGROUP to return an empty dictionary for messages that have been deleted but still exist in the unacknowledged queue. * Added an owned method to Lock objects. owned returns a boolean indicating whether the current lock instance still owns the lock. * Allow lock.acquire() to accept an optional token argument. If provided, the token argument is used as the unique value used to claim the lock. * Added a reacquire method to Lock objects. reaquire attempts to renew the lock such that the timeout is extended to the same value that the lock was initially acquired with. * Stream names found within XREAD and XREADGROUP responses now properly respect the decode_responses flag. * XPENDING_RANGE now requires the user the specify the min, max and count arguments. Newer versions of Redis prevent count from being infinite so it's left to the user to specify these values explicitly. * ZADD now returns None when xx=True and incr=True and an element is specified that doesn't exist in the sorted set. This matches what the server returns in this case. * Added client_kill_filter that accepts various filters to identify and kill clients. * Fixed a race condition that occurred when unsubscribing and resubscribing to the same channel or pattern in rapid succession. * Added a LockNotOwnedError that is raised when trying to extend or release a lock that is no longer owned. This is a subclass of LockError so previous code should continue to work as expected. * Fixed a bug in GEORADIUS that forced decoding of places without respecting the decode_responses option. * add recommendation for python-hiredis * Fixed regression with UnixDomainSocketConnection caused by 3.0.0. * Fixed an issue with the new asynchronous flag on flushdb and flushall. * Updated Lock.locked() method to indicate whether *any* process has acquired the lock, not just the current one. This is in line with the behavior of threading.Lock. - Update to version 3.0.0: BACKWARDS INCOMPATIBLE CHANGES * When using a Lock as a context manager and the lock fails to be acquired a LockError is now raised. This prevents the code block inside the context manager from being executed if the lock could not be acquired. * Renamed LuaLock to Lock. * Removed the pipeline based Lock implementation in favor of the LuaLock implementation. * Only bytes, strings and numbers (ints, longs and floats) are acceptable for keys and values. Previously redis-py attempted to cast other types to str() and store the result. This caused must confusion and frustration when passing boolean values (cast to 'True' and 'False') or None values (cast to 'None'). It is now the user's responsibility to cast all key names and values to bytes, strings or numbers before passing the value to redis-py. * The StrictRedis class has been renamed to Redis. StrictRedis will continue to exist as an alias of Redis for the forseeable future. * The legacy Redis client class has been removed. It caused much confusion to users. * ZINCRBY arguments 'value' and 'amount' have swapped order to match the the Redis server. The new argument order is: keyname, amount, value. * MGET no longer raises an error if zero keys are passed in. Instead an empty list is returned. * MSET and MSETNX now require all keys/values to be specified in a single dictionary argument named mapping. This was changed to allow for future options to these commands in the future. * ZADD now requires all element names/scores be specified in a single dictionary argument named mapping. This was required to allow the NX, XX, CH and INCR options to be specified. OTHER CHANGES * Added missing DECRBY command. * CLUSTER INFO and CLUSTER NODES respones are now properly decoded to strings. * Added a 'locked()' method to Lock objects. This method returns True if the lock has been acquired and owned by the current process, otherwise False. * EXISTS now supports multiple keys. It's return value is now the number of keys in the list that exist. * Ensure all commands can accept key names as bytes. This fixes issues with BLPOP, BRPOP and SORT. * All errors resulting from bad user input are raised as DataError exceptions. DataError is a subclass of RedisError so this should be transparent to anyone previously catching these. * Added support for NX, XX, CH and INCR options to ZADD * Added support for the MIGRATE command * Added support for the MEMORY USAGE and MEMORY PURGE commands. * Added support for the 'asynchronous' argument to FLUSHDB and FLUSHALL commands. * Added support for the BITFIELD command. * Improved performance on pipeline requests with large chunks of data. * Fixed test suite to not fail if another client is connected to the server the tests are running against. * Added support for SWAPDB. * Added support for all STREAM commands. * SHUTDOWN now accepts the 'save' and 'nosave' arguments. * Added support for ZPOPMAX, ZPOPMIN, BZPOPMAX, BZPOPMIN. * Added support for the 'type' argument in CLIENT LIST. * Added support for CLIENT PAUSE. * Added support for CLIENT ID and CLIENT UNBLOCK. * GEODIST now returns a None value when referencing a place that does not exist. * Added a ping() method to pubsub objects. * Fixed a bug with keys in the INFO dict that contained ':' symbols. * ssl_cert_reqs now has a default value of 'required' by default. This should make connecting to a remote Redis server over SSL more secure. * max_connections is now a valid querystring argument for creating connection pools from URLs. * Added the UNLINK command. * Added socket_type option to Connection for configurability. * Lock.do_acquire now atomically sets acquires the lock and sets the expire value via set(nx=True, px=timeout). * Added 'count' argument to SPOP. * Fixed an issue parsing client_list respones that contained an '='. * Fix rounding issues with geolocation, it is not stable enought to produce pinpoint equal results among 32bit platforms * Run tests by launching redis server * Require redis on runtime redis: - Update to version 6.0.8 (jsc#PM-1615, jsc#PM-1622, jsc#PM-1681, jsc#ECO-2867, jsc#PM-1547, jsc#CAPS-56, jsc#SLE-11578, jsc#SLE-12821) * bug fixes when using with Sentinel * bug fixes when using CONFIG REWRITE * Remove THP warning when set to madvise * Allow EXEC with read commands on readonly replica in cluster * Add masters/replicas options to redis-cli --cluster call command * CONFIG SET could hung the client when arrives during RDB/ROF loading * LPOS command when RANK is greater than matches responded with broken protocol * Add oom-score-adj configuration option to control Linux OOM killer * Show IO threads statistics and status in INFO output * Add optional tls verification mode (see tls-auth-clients) * Fix crash when enabling CLIENT TRACKING with prefix * EXEC always fails with EXECABORT and multi-state is cleared * RESTORE ABSTTL won't store expired keys into the db * redis-cli better handling of non-pritable key names * TLS: Ignore client cert when tls-auth-clients off * Tracking: fix invalidation message on flush * Notify systemd on Sentinel startup * Fix crash on a misuse of STRALGO * Fix a few rare leaks (STRALGO error misuse, Sentinel) * Fix a possible invalid access in defrag of scripts * Add LPOS command to search in a list * Use user+pass for MIGRATE in redis-cli and redis-benchmark in cluster mode * redis-cli support TLS for --pipe, --rdb and --replica options * TLS: Session caching configuration support * Fix handling of speical chars in ACL LOAD * Make Redis Cluster more robust about operation errors that may lead to two clusters to mix together * Revert the sendfile() implementation of RDB transfer * Fix TLS certificate loading for chained certificates * Fix AOF rewirting of KEEPTTL SET option * Fix MULTI/EXEC behavior during -BUSY script errors * fix a severe replication bug introduced in Redis 6 by the 'meaningful offset' feature * fix a crash introduced in 6.0.2 * fix to client side caching when keys are evicted from the tracking table but no notifications are sent * add BR pkgconfig(libsystemd) for the rewritten systemd support and force building with it * XCLAIM AOF/replicas propagation fixed. * Client side caching: new NOLOOP option to avoid getting notified about changes performed by ourselves. * ACL GENPASS now uses HMAC-SHA256 and have an optional 'bits' argument. It means you can use it as a general purpose 'secure random strings' primitive! * Cluster 'SLOTS' subcommand memory optimization. * The LCS command is now a subcommand of STRALGO. * Meaningful offset for replicas as well. More successful partial resynchronizations. * Optimize memory usage of deferred replies. * Faster CRC64 algorithm for faster RDB loading. * XINFO STREAM FULL, a new subcommand to get the whole stream state. * CLIENT KILL USER <username>. * MIGRATE AUTH2 option, for ACL style authentication support. * use libatomic also on ppc * add hash file from redis-hashes and verify it during build

Patchnames

SUSE-2020-3291,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3291

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Optional update for python-redis and redis",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This optional update for python-redis and redis provides the following fixes\n\npython-redis:\n\n- Update to version to 3.4.1 (jsc#ECO-2417)\n  * Move the username argument in the Redis and Connection classes to the end of the argument list. \n    This helps those poor souls that specify all their connection options as non-keyword arguments.\n  * Prior to ACL support, redis-py ignored the username component of Connection URLs. With ACL \n    support, usernames are no longer ignored and are used to authenticate against an ACL rule. \n    Some cloud vendors with managed Redis instances (like Heroku) provide connection URLs with a\n    username component pre-ACL that is not intended to be used. Sending that username to Redis \n    servers \u003c 6.0.0 results in an error. Attempt to detect this condition and retry the AUTH \n    command with only the password such that authentication continues to work for these users.\n  * Removed the __eq__ hooks to Redis and ConnectionPool that were added in 3.4.0. \n    This ended up being a bad idea as two separate connection pools be considered equal yet \n    manage a completely separate set of connections.\n  * Allow empty pipelines to be executed if there are WATCHed keys. This is a convenient \n    way to test if any of the watched keys changed without actually running any other commands. \n  * Removed support for end of life Python 3.4.\n  * Added support for all ACL commands in Redis 6. \n  * Pipeline instances now always evaluate to True. Prior to this change,\n    pipeline instances relied on __len__ for boolean evaluation which\n    meant that pipelines with no commands on the stack would be considered False.\n  * Client instances and Connection pools now support a \u0027client_name\u0027 argument. \n    If supplied, all connections created will call CLIENT SETNAME as soon as the connection is opened. \n  * Added the \u0027ssl_check_hostname\u0027 argument to specify whether SSL connections should require the \n    server hostname to match the hostname specified in the SSL cert. By default \u0027ssl_check_hostname\u0027 \n    is False for backwards compatibility. \n  * Added support for the TYPE argument to SCAN. \n  * Better thread and fork safety in ConnectionPool and BlockingConnectionPool. \n    Added better locking to synchronize critical sections rather than relying on CPython-specific implementation \n    details relating to atomic operations. Adjusted how the pools identify and deal with a fork. \n    Added a ChildDeadlockedError exception that is raised by child processes in the very unlikely chance that \n    a deadlock is encountered. \n  * Further fix for the SSLError -\u003e TimeoutError mapping to work on obscure releases of Python 2.7.\n  * Fixed a potential error handling bug for the SSLError -\u003e\n    TimeoutError mapping introduced in 3.3.9.\n  * Mapped Python 2.7 SSLError to TimeoutError where\n    appropriate. Timeouts should now consistently raise TimeoutErrors\n    on Python 2.7 for both unsecured and secured connections. \n  * Fixed MONITOR parsing to properly parse IPv6 client addresses\n  * Fixed a regression introduced in 3.3.0\n  * Resolve a race condition with the PubSubWorkerThread.\n  * Response callbacks are now case insensitive.\n  * Added support for hiredis-py 1.0.0 encoding error support.\n  * Add READONLY and READWRITE commands.\n  * Added extensive health checks that keep the connections lively.\n  * Many more changes, see upstream changelog.\n  * Add missing build dependency setuptools\n  * Fix SentinelConnectionPool to work in multiprocess/forked environments\n\n- Update to 3.2.0 (bsc#1131555)\n  * Added support for `select.poll` to test whether data can be read on a socket. This should allow for significantly\n    more connections to be used with pubsub. \n  * Attempt to guarentee that the ConnectionPool hands out healthy connections. Healthy connections are those that \n    have an established socket connection to the Redis server, are ready to accept a command and have no data \n    available to read. \n  * Use the socket.IPPROTO_TCP constant instead of socket.SOL_TCP. IPPROTO_TCP is available on \n    more interpreters (Jython for instance).\n  * Fixed a regression introduced in 3.0 that mishandles exceptions not derived from the base Exception class. \n    KeyboardInterrupt and gevent.timeout notable. \n  * Significant improvements to handing connections with forked processes. Parent and child processes no longer \n    trample on each others\u0027 connections.\n  * PythonParser no longer closes the associated connection\u0027s socket. The connection itself will close the socket.\n  * Connection URLs must have one of the following schemes: redis://, rediss://, unix://. \n  * Fixed an issue with retry_on_timeout logic that caused some TimeoutErrors to be retried. \n  * Added support for SNI for SSL. \n  * Fixed ConnectionPool repr for pools with no connections. \n  * Fixed GEOHASH to return a None value when specifying a place that doesn\u0027t exist on the server. \n  * Fixed XREADGROUP to return an empty dictionary for messages that have been deleted but still exist in the \n    unacknowledged queue. \n  * Added an owned method to Lock objects. owned returns a boolean indicating whether the current lock instance \n    still owns the lock.\n  * Allow lock.acquire() to accept an optional token argument. If provided, the token argument is used as the \n    unique value used to claim the lock. \n  * Added a reacquire method to Lock objects. reaquire attempts to renew the lock such that the timeout is \n    extended to the same value that the lock was initially acquired with. \n  * Stream names found within XREAD and XREADGROUP responses now properly respect the decode_responses flag.\n  * XPENDING_RANGE now requires the user the specify the min, max and count arguments. \n    Newer versions of Redis prevent count from being infinite so it\u0027s left to the user to specify these values \n    explicitly.\n  * ZADD now returns None when xx=True and incr=True and an element is specified that doesn\u0027t exist in \n    the sorted set. This matches what the server returns in this case. \n  * Added client_kill_filter that accepts various filters to identify and kill clients. \n  * Fixed a race condition that occurred when unsubscribing and resubscribing to the same channel or pattern\n    in rapid succession.\n  * Added a LockNotOwnedError that is raised when trying to extend or release a lock that is no longer owned. \n    This is a subclass of LockError so previous code should continue to work as expected. \n  * Fixed a bug in GEORADIUS that forced decoding of places without respecting the decode_responses option. \n  * add recommendation for python-hiredis\n  * Fixed regression with UnixDomainSocketConnection caused by 3.0.0.\n  * Fixed an issue with the new asynchronous flag on flushdb and flushall.\n  * Updated Lock.locked() method to indicate whether *any* process has acquired the lock, not just the \n    current one. This is in line with the behavior of threading.Lock. \n\n- Update to version 3.0.0:\n  BACKWARDS INCOMPATIBLE CHANGES\n  * When using a Lock as a context manager and the lock fails to be acquired\n    a LockError is now raised. This prevents the code block inside the context manager from being executed \n    if the lock could not be acquired.\n  * Renamed LuaLock to Lock.\n  * Removed the pipeline based Lock implementation in favor of the LuaLock implementation.\n  * Only bytes, strings and numbers (ints, longs and floats) are acceptable\n    for keys and values. Previously redis-py attempted to cast other types\n    to str() and store the result. This caused must confusion and frustration\n    when passing boolean values (cast to \u0027True\u0027 and \u0027False\u0027) or None values\n    (cast to \u0027None\u0027). It is now the user\u0027s responsibility to cast all\n    key names and values to bytes, strings or numbers before passing the value to redis-py.\n  * The StrictRedis class has been renamed to Redis. StrictRedis will\n    continue to exist as an alias of Redis for the forseeable future.\n  * The legacy Redis client class has been removed. It caused much confusion to users.\n  * ZINCRBY arguments \u0027value\u0027 and \u0027amount\u0027 have swapped order to match the\n    the Redis server. The new argument order is: keyname, amount, value.\n  * MGET no longer raises an error if zero keys are passed in. Instead an empty list is returned.\n  * MSET and MSETNX now require all keys/values to be specified in a single dictionary argument named mapping. \n    This was changed to allow for future options to these commands in the future.\n  * ZADD now requires all element names/scores be specified in a single\n    dictionary argument named mapping. This was required to allow the NX, XX, CH and INCR options to be specified.\n  OTHER CHANGES\n  * Added missing DECRBY command.\n  * CLUSTER INFO and CLUSTER NODES respones are now properly decoded to strings.\n  * Added a \u0027locked()\u0027 method to Lock objects. This method returns True if the lock has been acquired and owned \n    by the current process, otherwise False.\n  * EXISTS now supports multiple keys. It\u0027s return value is now the number of keys in the list that exist.\n  * Ensure all commands can accept key names as bytes. This fixes issues with BLPOP, BRPOP and SORT.\n  * All errors resulting from bad user input are raised as DataError exceptions. DataError is a subclass of \n    RedisError so this should be transparent to anyone previously catching these.\n  * Added support for NX, XX, CH and INCR options to ZADD\n  * Added support for the MIGRATE command\n  * Added support for the MEMORY USAGE and MEMORY PURGE commands. \n  * Added support for the \u0027asynchronous\u0027 argument to FLUSHDB and FLUSHALL commands. \n  * Added support for the BITFIELD command. \n  * Improved performance on pipeline requests with large chunks of data.\n  * Fixed test suite to not fail if another client is connected to the server the tests are running against.\n  * Added support for SWAPDB.\n  * Added support for all STREAM commands.\n  * SHUTDOWN now accepts the \u0027save\u0027 and \u0027nosave\u0027 arguments. \n  * Added support for ZPOPMAX, ZPOPMIN, BZPOPMAX, BZPOPMIN. \n  * Added support for the \u0027type\u0027 argument in CLIENT LIST.\n  * Added support for CLIENT PAUSE. \n  * Added support for CLIENT ID and CLIENT UNBLOCK. \n  * GEODIST now returns a None value when referencing a place that does not exist. \n  * Added a ping() method to pubsub objects. \n  * Fixed a bug with keys in the INFO dict that contained \u0027:\u0027 symbols.\n  * ssl_cert_reqs now has a default value of \u0027required\u0027 by default. This should make connecting to a remote \n    Redis server over SSL more secure.\n  * max_connections is now a valid querystring argument for creating connection pools from URLs. \n  * Added the UNLINK command.\n  * Added socket_type option to Connection for configurability.\n  * Lock.do_acquire now atomically sets acquires the lock and sets the expire value via set(nx=True, px=timeout).\n  * Added \u0027count\u0027 argument to SPOP.\n  * Fixed an issue parsing client_list respones that contained an \u0027=\u0027.\n  * Fix rounding issues with geolocation, it is not stable enought to produce pinpoint equal \n    results among 32bit platforms\n  * Run tests by launching redis server\n  * Require redis on runtime\n\nredis:\n\n- Update to version 6.0.8 \n    (jsc#PM-1615, jsc#PM-1622, jsc#PM-1681, jsc#ECO-2867, jsc#PM-1547, jsc#CAPS-56, jsc#SLE-11578, jsc#SLE-12821)\n  * bug fixes when using with Sentinel\n  * bug fixes when using CONFIG REWRITE\n  * Remove THP warning when set to madvise\n  * Allow EXEC with read commands on readonly replica in cluster\n  * Add masters/replicas options to redis-cli --cluster call command\n  * CONFIG SET could hung the client when arrives during RDB/ROF loading\n  * LPOS command when RANK is greater than matches responded with broken protocol\n  * Add oom-score-adj configuration option to control Linux OOM killer\n  * Show IO threads statistics and status in INFO output \n  * Add optional tls verification mode (see tls-auth-clients)\n  * Fix crash when enabling CLIENT TRACKING with prefix\n  * EXEC always fails with EXECABORT and multi-state is cleared\n  * RESTORE ABSTTL won\u0027t store expired keys into the db\n  * redis-cli better handling of non-pritable key names\n  * TLS: Ignore client cert when tls-auth-clients off\n  * Tracking: fix invalidation message on flush\n  * Notify systemd on Sentinel startup\n  * Fix crash on a misuse of STRALGO\n  * Fix a few rare leaks (STRALGO error misuse, Sentinel)\n  * Fix a possible invalid access in defrag of scripts\n  * Add LPOS command to search in a list\n  * Use user+pass for MIGRATE in redis-cli and redis-benchmark in cluster mode\n  * redis-cli support TLS for --pipe, --rdb and --replica options\n  * TLS: Session caching configuration support\n  * Fix handling of speical chars in ACL LOAD\n  * Make Redis Cluster more robust about operation errors that may lead to two clusters to mix together\n  * Revert the sendfile() implementation of RDB transfer\n  * Fix TLS certificate loading for chained certificates\n  * Fix AOF rewirting of KEEPTTL SET option\n  * Fix MULTI/EXEC behavior during -BUSY script errors\n  * fix a severe replication bug introduced in Redis 6 by the \u0027meaningful offset\u0027 feature\n  * fix a crash introduced in 6.0.2\n  * fix to client side caching when keys are evicted from the tracking table but no notifications are sent\n  * add BR pkgconfig(libsystemd) for the rewritten systemd support and force building with it\n  * XCLAIM AOF/replicas propagation fixed.\n  * Client side caching: new NOLOOP option to avoid getting notified about changes performed by ourselves.\n  * ACL GENPASS now uses HMAC-SHA256 and have an optional \u0027bits\u0027 argument.  It means you can use it as a general \n    purpose \u0027secure random strings\u0027 primitive!\n  * Cluster \u0027SLOTS\u0027 subcommand memory optimization.\n  * The LCS command is now a subcommand of STRALGO.\n  * Meaningful offset for replicas as well. More successful partial resynchronizations.\n  * Optimize memory usage of deferred replies.\n  * Faster CRC64 algorithm for faster RDB loading.\n  * XINFO STREAM FULL, a new subcommand to get the whole stream state.\n  * CLIENT KILL USER \u003cusername\u003e.\n  * MIGRATE AUTH2 option, for ACL style authentication support.\n  * use libatomic also on ppc\n  * add hash file from redis-hashes and verify it during build\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2020-3291,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3291",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ou-2020_3291-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-OU-2020:3291-1",
        "url": "https://www.suse.com/support/update/announcement//suse-ou-20203291-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-OU-2020:3291-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2020-November/016846.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1002351",
        "url": "https://bugzilla.suse.com/1002351"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047218",
        "url": "https://bugzilla.suse.com/1047218"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1061967",
        "url": "https://bugzilla.suse.com/1061967"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1064980",
        "url": "https://bugzilla.suse.com/1064980"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097430",
        "url": "https://bugzilla.suse.com/1097430"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1131555",
        "url": "https://bugzilla.suse.com/1131555"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 798455",
        "url": "https://bugzilla.suse.com/798455"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 835815",
        "url": "https://bugzilla.suse.com/835815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 991250",
        "url": "https://bugzilla.suse.com/991250"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-7458 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-7458/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8080 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8080/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-10517 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-10517/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-8339 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-8339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15047 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15047/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11218 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11218/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11219 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11219/"
      }
    ],
    "title": "Optional update for python-redis and redis",
    "tracking": {
      "current_release_date": "2020-11-11T11:26:43Z",
      "generator": {
        "date": "2020-11-11T11:26:43Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-OU-2020:3291-1",
      "initial_release_date": "2020-11-11T11:26:43Z",
      "revision_history": [
        {
          "date": "2020-11-11T11:26:43Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-6.0.8-1.3.1.aarch64",
                "product": {
                  "name": "redis-6.0.8-1.3.1.aarch64",
                  "product_id": "redis-6.0.8-1.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-6.0.8-1.3.1.i586",
                "product": {
                  "name": "redis-6.0.8-1.3.1.i586",
                  "product_id": "redis-6.0.8-1.3.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python2-redis-3.4.1-3.3.1.noarch",
                "product": {
                  "name": "python2-redis-3.4.1-3.3.1.noarch",
                  "product_id": "python2-redis-3.4.1-3.3.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python3-redis-3.4.1-3.3.1.noarch",
                "product": {
                  "name": "python3-redis-3.4.1-3.3.1.noarch",
                  "product_id": "python3-redis-3.4.1-3.3.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-6.0.8-1.3.1.ppc64le",
                "product": {
                  "name": "redis-6.0.8-1.3.1.ppc64le",
                  "product_id": "redis-6.0.8-1.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-6.0.8-1.3.1.s390x",
                "product": {
                  "name": "redis-6.0.8-1.3.1.s390x",
                  "product_id": "redis-6.0.8-1.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-6.0.8-1.3.1.x86_64",
                "product": {
                  "name": "redis-6.0.8-1.3.1.x86_64",
                  "product_id": "redis-6.0.8-1.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Server Applications 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Server Applications 15 SP2",
                  "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-server-applications:15:sp2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-6.0.8-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64"
        },
        "product_reference": "redis-6.0.8-1.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-6.0.8-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le"
        },
        "product_reference": "redis-6.0.8-1.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-6.0.8-1.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x"
        },
        "product_reference": "redis-6.0.8-1.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-6.0.8-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        },
        "product_reference": "redis-6.0.8-1.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-7458",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-7458"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-7458",
          "url": "https://www.suse.com/security/cve/CVE-2013-7458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991250 for CVE-2013-7458",
          "url": "https://bugzilla.suse.com/991250"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991387 for CVE-2013-7458",
          "url": "https://bugzilla.suse.com/991387"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "low"
        }
      ],
      "title": "CVE-2013-7458"
    },
    {
      "cve": "CVE-2015-8080",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8080"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8080",
          "url": "https://www.suse.com/security/cve/CVE-2015-8080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173018 for CVE-2015-8080",
          "url": "https://bugzilla.suse.com/1173018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954199 for CVE-2015-8080",
          "url": "https://bugzilla.suse.com/954199"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8080"
    },
    {
      "cve": "CVE-2016-10517",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-10517"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "networking.c in Redis before 3.2.7 allows \"Cross Protocol Scripting\" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-10517",
          "url": "https://www.suse.com/security/cve/CVE-2016-10517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1064980 for CVE-2016-10517",
          "url": "https://bugzilla.suse.com/1064980"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-10517"
    },
    {
      "cve": "CVE-2016-8339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-8339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-8339",
          "url": "https://www.suse.com/security/cve/CVE-2016-8339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1002351 for CVE-2016-8339",
          "url": "https://bugzilla.suse.com/1002351"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-8339"
    },
    {
      "cve": "CVE-2017-15047",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15047"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging \"limited access to the machine.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15047",
          "url": "https://www.suse.com/security/cve/CVE-2017-15047"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061967 for CVE-2017-15047",
          "url": "https://bugzilla.suse.com/1061967"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2017-15047"
    },
    {
      "cve": "CVE-2018-11218",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11218"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11218",
          "url": "https://www.suse.com/security/cve/CVE-2018-11218"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097430 for CVE-2018-11218",
          "url": "https://bugzilla.suse.com/1097430"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097768 for CVE-2018-11218",
          "url": "https://bugzilla.suse.com/1097768"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-11218"
    },
    {
      "cve": "CVE-2018-11219",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11219"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
          "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11219",
          "url": "https://www.suse.com/security/cve/CVE-2018-11219"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097430 for CVE-2018-11219",
          "url": "https://bugzilla.suse.com/1097430"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097768 for CVE-2018-11219",
          "url": "https://bugzilla.suse.com/1097768"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x",
            "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-11T11:26:43Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-11219"
    }
  ]
}

GSD-2016-8339

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-8339

Aliases

CVE-2016-8339

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-8339",
    "description": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.",
    "id": "GSD-2016-8339",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-8339.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8339"
      ],
      "details": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.",
      "id": "GSD-2016-8339",
      "modified": "2023-12-13T01:21:22.764925Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "talos-cna@cisco.com",
        "ID": "CVE-2016-8339",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Redis",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "3.2.x prior to 3.2.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Redis"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": 6.6,
          "baseSeverity": "Medium",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Arbitrary Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "93283",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93283"
          },
          {
            "name": "GLSA-201702-16",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201702-16"
          },
          {
            "name": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977",
            "refsource": "MISC",
            "url": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977"
          },
          {
            "name": "http://www.talosintelligence.com/reports/TALOS-2016-0206/",
            "refsource": "MISC",
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0206/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redislabs:redis:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redislabs:redis:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redislabs:redis:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redislabs:redis:3.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2016-8339"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977"
            },
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0206/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0206/"
            },
            {
              "name": "93283",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/93283"
            },
            {
              "name": "GLSA-201702-16",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/201702-16"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-30T19:50Z",
      "publishedDate": "2016-10-28T14:59Z"
    }
  }
}

GHSA-33P7-CJFG-8VC5

Vulnerability from github – Published: 2022-05-13 01:01 – Updated: 2025-04-12 13:06

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-8339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-28T14:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.",
  "id": "GHSA-33p7-cjfg-8vc5",
  "modified": "2025-04-12T13:06:05Z",
  "published": "2022-05-13T01:01:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8339"
    },
    {
      "type": "WEB",
      "url": "https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201702-16"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93283"
    },
    {
      "type": "WEB",
      "url": "http://www.talosintelligence.com/reports/TALOS-2016-0206"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

OPENSUSE-SU-2024:10552-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

redis-3.2.4-1.1 on GA media

Notes

Title of the patch

redis-3.2.4-1.1 on GA media

Description of the patch

These are all security issues fixed in the redis-3.2.4-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-10552

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "redis-3.2.4-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the redis-3.2.4-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10552",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10552-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-7458 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-7458/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-8339 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-8339/"
      }
    ],
    "title": "redis-3.2.4-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10552-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-3.2.4-1.1.aarch64",
                "product": {
                  "name": "redis-3.2.4-1.1.aarch64",
                  "product_id": "redis-3.2.4-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-3.2.4-1.1.ppc64le",
                "product": {
                  "name": "redis-3.2.4-1.1.ppc64le",
                  "product_id": "redis-3.2.4-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-3.2.4-1.1.s390x",
                "product": {
                  "name": "redis-3.2.4-1.1.s390x",
                  "product_id": "redis-3.2.4-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-3.2.4-1.1.x86_64",
                "product": {
                  "name": "redis-3.2.4-1.1.x86_64",
                  "product_id": "redis-3.2.4-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-3.2.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64"
        },
        "product_reference": "redis-3.2.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-3.2.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le"
        },
        "product_reference": "redis-3.2.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-3.2.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x"
        },
        "product_reference": "redis-3.2.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-3.2.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
        },
        "product_reference": "redis-3.2.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-7458",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-7458"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-7458",
          "url": "https://www.suse.com/security/cve/CVE-2013-7458"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991250 for CVE-2013-7458",
          "url": "https://bugzilla.suse.com/991250"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991387 for CVE-2013-7458",
          "url": "https://bugzilla.suse.com/991387"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2013-7458"
    },
    {
      "cve": "CVE-2016-8339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-8339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
          "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-8339",
          "url": "https://www.suse.com/security/cve/CVE-2016-8339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1002351 for CVE-2016-8339",
          "url": "https://bugzilla.suse.com/1002351"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:redis-3.2.4-1.1.aarch64",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.ppc64le",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.s390x",
            "openSUSE Tumbleweed:redis-3.2.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-8339"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-8339 (GCVE-0-2016-8339)

FKIE_CVE-2016-8339

CNVD-2016-09591

SUSE-OU-2020:3291-1

GSD-2016-8339

GHSA-33P7-CJFG-8VC5

OPENSUSE-SU-2024:10552-1

Tags

Sightings

Nomenclature